6.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.4%
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
rhn.redhat.com/errata/RHSA-2014-0816.html
www.securityfocus.com/bid/68299