The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: TML
Published: 2022-10-31T20:08:53.909888Z
Updated: 2024-08-03T12:14:40.090Z
Reserved: 2022-09-08T00:00:00
Link: CVE-2022-40295
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-31T21:15:13.227
Modified: 2024-11-21T07:21:12.793
Link: CVE-2022-40295
Redhat
No data.