CVE-2009-4269
CVSS v2.0
2.1 (Low)
EPSS
0.15 % (52th)
Affected Products
1
Advisories
1
The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2010-08-16 20:00:01
(14 years ago) - Updated Date
-
2011-01-26 06:41:50
(13 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...