Common Weakness Enumeration

CWE-328

Allowed

Use of Weak Hash

Abstraction: Base · Status: Draft

The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).

149 vulnerabilities reference this CWE, most recent first.

GHSA-PHCG-H58R-GMCQ

Vulnerability from github – Published: 2026-02-04 20:43 – Updated: 2026-02-04 20:43
VLAI
Summary
EVE Doesn't Measure Config Partition From 2 Fronts
Details

Impact

PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk and boot without the change being detected by measured boot and remote attestation.

Patches

Fixed in EVE version 9.4.3-lts

Workarounds

None (apart from preventing physical access to the device)

Resources

https://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications https://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/lf-edge/eve"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20230126065759-d9383a7ee4e1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-43630"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328",
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-04T20:43:16Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nPCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256.\nThus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk and boot without the change being detected by measured boot and remote attestation.\n\n### Patches\n\nFixed in EVE version 9.4.3-lts\n\n### Workarounds\n\nNone (apart from preventing physical access to the device)\n\n### Resources\n\nhttps://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications\nhttps://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a",
  "id": "GHSA-phcg-h58r-gmcq",
  "modified": "2026-02-04T20:43:16Z",
  "published": "2026-02-04T20:43:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/lf-edge/eve/security/advisories/GHSA-phcg-h58r-gmcq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43630"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a"
    },
    {
      "type": "WEB",
      "url": "https://asrg.io/security-advisories/config-partition-not-measured-from-2-fronts"
    },
    {
      "type": "WEB",
      "url": "https://asrg.io/security-advisories/cve-2023-43630"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/lf-edge/eve"
    },
    {
      "type": "WEB",
      "url": "https://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "EVE Doesn\u0027t Measure Config Partition From 2 Fronts"
}

GHSA-PPR9-V8VC-4F6R

Vulnerability from github – Published: 2025-06-12 15:31 – Updated: 2025-06-12 15:31
VLAI
Details

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-49197"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-12T15:15:39Z",
    "severity": "MODERATE"
  },
  "details": "The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.",
  "id": "GHSA-ppr9-v8vc-4f6r",
  "modified": "2025-06-12T15:31:23Z",
  "published": "2025-06-12T15:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49197"
    },
    {
      "type": "WEB",
      "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
    },
    {
      "type": "WEB",
      "url": "https://www.first.org/cvss/calculator/3.1"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json"
    },
    {
      "type": "WEB",
      "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PW38-3JFP-FW32

Vulnerability from github – Published: 2025-05-28 18:33 – Updated: 2025-05-28 18:33
VLAI
Details

The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48931"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-28T17:15:25Z",
    "severity": "LOW"
  },
  "details": "The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.",
  "id": "GHSA-pw38-3jfp-fw32",
  "modified": "2025-05-28T18:33:28Z",
  "published": "2025-05-28T18:33:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48931"
    },
    {
      "type": "WEB",
      "url": "https://www.wired.com/story/how-the-signal-knock-off-app-telemessage-got-hacked-in-20-minutes"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q39M-5R2M-G8V4

Vulnerability from github – Published: 2026-06-04 18:30 – Updated: 2026-06-08 15:32
VLAI
Details

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-36182"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-04T16:16:35Z",
    "severity": "CRITICAL"
  },
  "details": "GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack.",
  "id": "GHSA-q39m-5r2m-g8v4",
  "modified": "2026-06-08T15:32:43Z",
  "published": "2026-06-04T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-36182"
    },
    {
      "type": "WEB",
      "url": "https://github.com/BadChemical/IoT-Vulnerability-Research-Public/blob/main/GNCC-GP5-T23/README.md"
    },
    {
      "type": "WEB",
      "url": "http://gncc.com"
    },
    {
      "type": "WEB",
      "url": "http://gp5.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QQ37-7FRG-JXX4

Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31
VLAI
Details

Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak.

This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-41256"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-25T10:15:22Z",
    "severity": "HIGH"
  },
  "details": "Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak.\n\n\n\n\n\n\n\nThis issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5.",
  "id": "GHSA-qq37-7frg-jxx4",
  "modified": "2025-06-26T21:31:10Z",
  "published": "2025-06-26T21:31:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/iterate-ch/cyberduck/security/advisories/GHSA-688c-vjrc-84rv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41256"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250325-02_Cyberduck_Mountain_Duck_Weak_Hash"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R3CW-C95M-WFH9

Vulnerability from github – Published: 2026-06-22 20:59 – Updated: 2026-06-22 20:59
VLAI
Summary
motionEye: Authentication possible via password hash
Details

Summary

An authentication bypass vulnerability exists due to improper trust in client-controlled cookies. The application accepts user-supplied cookie values containing a username and password-hash-derived value as sufficient authentication material. These cookies can be set or modified prior to login, allowing an unauthenticated attacker to impersonate arbitrary users without knowledge of the plaintext password. This issue stems from the absence of server-side validation of authentication state and reliance on attacker-controlled cookie data

Details

The vulnerability arises because the application accepts the client-supplied cookies named meye_password_hash and meye_username as sufficient authentication material. The server does not validate these values against a server-side session or enforce proper authentication checks before establishing an authenticated state. As a result, an unauthenticated attacker can set or modify these cookies to impersonate another user if the target username and corresponding hash are known.

These cookies normally appear after using the "switch user" functionality; however, they can be added manually prior to authentication using standard browser tools (e.g., developer tools or cookie editors) or dynamically loaded by submitting blank credentials. When supplied, the server accepts them and authenticates the attacker as the specified user bypassing the intended authentication flow

Additionally, the password-hash value and username for the admin account used by the application is stored in /etc/motioneye/motion.conf which is globally readable by default on the local system. This means any local user with shell access can obtain a valid hash and values and use them to impersonate the admin via the cookie manipulation described above. While local access is required to retrieve the hash, this significantly lowers the barrier to exploitation in multi-user environments.

PoC

Starting state unauthenticated with no cookies: start state

After manually adding or submitting blank credentials to get the cookies loaded: empty cookies

Adding the credentials and refreshing the page gives us a valid session: admin login with hash

version information and session interaction validation verison

Impact

Authentication bypass

Who is impacted?

Any MotionEye deployment where attackers have access to a username and hash, and/or the /etc/motioneye/motion.conf file with the admin username and hash.

Potential consequences:

  • Account lockouts
  • Attacker persistence by changing the password
  • Enumeration of data
  • Destruction of data
  • Exfiltration of data
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "motioneye"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.44.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46488"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-287",
      "CWE-328",
      "CWE-836"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-22T20:59:31Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "### Summary\nAn authentication bypass vulnerability exists due to improper trust in client-controlled cookies. The application accepts user-supplied cookie values containing a username and password-hash-derived value as sufficient authentication material. These cookies can be set or modified prior to login, allowing an unauthenticated attacker to impersonate arbitrary users without knowledge of the plaintext password. This issue stems from the absence of server-side validation of authentication state and reliance on attacker-controlled cookie data\n\n### Details\nThe vulnerability arises because the application accepts the client-supplied cookies named `meye_password_hash` and `meye_username` as sufficient authentication material. The server does not validate these values against a server-side session or enforce proper authentication checks before establishing an authenticated state. As a result, an unauthenticated attacker can set or modify these cookies to impersonate another user if the target username and corresponding hash are known.\n\nThese cookies normally appear after using the \"switch user\" functionality; however, they can be added manually prior to authentication using standard browser tools (e.g., developer tools or cookie editors) or dynamically loaded by submitting blank credentials. When supplied, the server accepts them and authenticates the attacker as the specified user bypassing the intended authentication flow\n\nAdditionally, the password-hash value and username for the admin account used by the application is stored in `/etc/motioneye/motion.conf` which is globally readable by default on the local system. This means any local user with shell access can obtain a valid hash and values and use them to impersonate the admin via the cookie manipulation described above. While local access is required to retrieve the hash, this significantly lowers the barrier to exploitation in multi-user environments. \n\n### PoC\nStarting state unauthenticated with no cookies:\n\u003cimg width=\"644\" height=\"475\" alt=\"start state\" src=\"https://github.com/user-attachments/assets/cf4aff78-65f7-4f67-99e2-9134c8f04277\" /\u003e\n\nAfter manually adding or submitting blank credentials to get the cookies loaded:\n\u003cimg width=\"643\" height=\"470\" alt=\"empty cookies\" src=\"https://github.com/user-attachments/assets/223878eb-f085-4ac5-a92a-2ac21831c594\" /\u003e\n\n\nAdding the credentials and refreshing the page gives us a valid session:\n\u003cimg width=\"641\" height=\"466\" alt=\"admin login with hash\" src=\"https://github.com/user-attachments/assets/94b350ef-dd32-4cae-8bd8-e48841873f79\" /\u003e\n\n\nversion information and session interaction validation\n\u003cimg width=\"643\" height=\"468\" alt=\"verison\" src=\"https://github.com/user-attachments/assets/94290ad6-4e82-4026-8e27-5374e2f3a631\" /\u003e\n\n\n### Impact\nAuthentication bypass\n\n### Who is impacted?\n\nAny MotionEye deployment where attackers have access to a username and hash, and/or the `/etc/motioneye/motion.conf` file with the admin username and hash.\n\nPotential consequences:\n\n- Account lockouts \n- Attacker persistence by changing the password\n- Enumeration of data\n- Destruction of data\n- Exfiltration of data",
  "id": "GHSA-r3cw-c95m-wfh9",
  "modified": "2026-06-22T20:59:31Z",
  "published": "2026-06-22T20:59:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/motioneye-project/motioneye/security/advisories/GHSA-r3cw-c95m-wfh9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/motioneye-project/motioneye"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "motionEye: Authentication possible via password hash"
}

GHSA-RFF8-7PH7-XCHR

Vulnerability from github – Published: 2024-12-05 15:31 – Updated: 2025-02-27 18:31
VLAI
Details

MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.  Affected products:

ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-48847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-327",
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-05T13:15:07Z",
    "severity": "HIGH"
  },
  "details": "MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.\u00a0\nAffected products:\n\n\nABB ASPECT - Enterprise v3.08.01; \nNEXUS Series v3.08.01; \nMATRIX Series v3.08.01",
  "id": "GHSA-rff8-7ph7-xchr",
  "modified": "2025-02-27T18:31:02Z",
  "published": "2024-12-05T15:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48847"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-RFH5-GX7W-H7V7

Vulnerability from github – Published: 2025-04-15 06:30 – Updated: 2026-05-12 15:30
VLAI
Details

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3576"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-15T06:15:44Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.",
  "id": "GHSA-rfh5-gx7w-h7v7",
  "modified": "2026-05-12T15:30:52Z",
  "published": "2025-04-15T06:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3576"
    },
    {
      "type": "WEB",
      "url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-577017.html"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-3576"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:9430"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:9418"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:8411"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:15004"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:15003"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:15002"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:15001"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:15000"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:13777"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:13664"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:11487"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXX2-698Q-7R9Q

Vulnerability from github – Published: 2023-12-23 09:30 – Updated: 2023-12-23 09:30
VLAI
Details

A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5962"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-327",
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-23T09:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.\n\n",
  "id": "GHSA-rxx2-698q-7r9q",
  "modified": "2023-12-23T09:30:22Z",
  "published": "2023-12-23T09:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5962"
    },
    {
      "type": "WEB",
      "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V6J3-7JRW-HQ2P

Vulnerability from github – Published: 2022-05-17 04:59 – Updated: 2023-08-25 23:09
VLAI
Summary
Rack Gem Subject to Denial of Service via Hash Collisions
Details

Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.2.0"
            },
            {
              "fixed": "1.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.3.0"
            },
            {
              "fixed": "1.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jruby:jruby-parent"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2011-5036"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-328",
      "CWE-400"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-27T16:12:55Z",
    "nvd_published_at": "2011-12-30T01:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
  "id": "GHSA-v6j3-7jrw-hq2p",
  "modified": "2023-08-25T23:09:49Z",
  "published": "2022-05-17T04:59:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5036"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/52bbc6b9cc19ce330829"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2011-5036.yml"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20120201040317/http://jruby.org/2011/12/27/jruby-1-6-5-1"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20130213132312/http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2783"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/903934"
    },
    {
      "type": "WEB",
      "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Rack Gem Subject to Denial of Service via Hash Collisions"
}

Mitigation MIT-51
Architecture and Design
  • Use an adaptive hash function that can be configured to change the amount of computational effort needed to compute the hash, such as the number of iterations ("stretching") or the amount of memory required. Some hash functions perform salting automatically. These functions can significantly increase the overhead for a brute force attack compared to intentionally-fast functions such as MD5. For example, rainbow table attacks can become infeasible due to the high computing overhead. Finally, since computing power gets faster and cheaper over time, the technique can be reconfigured to increase the workload without forcing an entire replacement of the algorithm in use.
  • Some hash functions that have one or more of these desired properties include bcrypt [REF-291], scrypt [REF-292], and PBKDF2 [REF-293]. While there is active debate about which of these is the most effective, they are all stronger than using salts with hash functions with very little computing overhead.
  • Note that using these functions can have an impact on performance, so they require special consideration to avoid denial-of-service attacks. However, their configurability provides finer control over how much CPU and memory is used, so it could be adjusted to suit the environment's needs.
CAPEC-461: Web Services API Signature Forgery Leveraging Hash Function Extension Weakness

An adversary utilizes a hash function extension/padding weakness, to modify the parameters passed to the web service requesting authentication by generating their own call in order to generate a legitimate signature hash (as described in the notes), without knowledge of the secret token sometimes provided by the web service.

CAPEC-68: Subvert Code-signing Facilities

Many languages use code signing facilities to vouch for code's identity and to thus tie code to its assigned privileges within an environment. Subverting this mechanism can be instrumental in an attacker escalating privilege. Any means of subverting the way that a virtual machine enforces code signing classifies for this style of attack.