This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system.
Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Sep 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 23 Sep 2024 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. | This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. |
Metrics |
cvssV3_1
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: CERT-In
Published: 2024-03-06T11:34:42.570Z
Updated: 2024-09-23T11:17:20.089Z
Reserved: 2024-02-05T07:50:59.669Z
Link: CVE-2024-25102
Vulnrichment
Updated: 2024-08-01T23:36:21.612Z
NVD
Status : Awaiting Analysis
Published: 2024-03-06T12:15:45.327
Modified: 2024-11-21T09:00:15.760
Link: CVE-2024-25102
Redhat
No data.