WEB APPLICATION VULNERABILITIES Standard & Premium

Dolibarr Inadequate Encryption Strength Vulnerability (CVE-2017-7888)

Description

Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.

Remediation

References

Related Vulnerabilities

XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29208)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-2138)

MySQL CVE-2015-4766 Vulnerability (CVE-2015-4766)

MySQL Resource Management Errors Vulnerability (CVE-2010-3837)

phpMyAdmin Other Vulnerability (CVE-2006-5116)

Severity

Critical

Classification

CVE-2017-7888 CWE-326 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities