CVE-2014-3503

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the…

redhat·CWE-310·Published 2014-07-11

CVSS

—

EPSS

0.06

KEV

Exploits

cve.orgen

171 chars

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

NVDen

171 chars

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

OSV.deven

171 chars

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

GHSAen

171 chars

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

NVDes

196 chars

Apache Syncope 1.1.x anterior a 1.1.8 utiliza valores aleatorios débiles para generar contraseñas, lo que facilta a atacantes remotos a divinar la contraseña a través de un ataque de fuerza bruta.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N