4 matches found
Improper Password Verification
org.springframework.security, spring-security-crypto is vulnerable to Improper password verification. The vulnerability is due to BCrypt's 72-character password truncation causing BCryptPasswordEncoder.matches to validate only the first 72 characters, allowing incorrect password acceptance...
CVE-2023-31123 effectindex/tripreporter vulnerable to improper password verification on POST `/api/v1/account/login`
effectindex/tripreporter is a community-powered, universal platform for submitting and analyzing trip reports. Prior to commit bd80ba833b9023d39ca22e29874296c8729dd53b, any user with an account on an instance of effectindex/tripreporter, e.g. subjective.report, may be affected by an improper...
CVE-2023-31123 effectindex/tripreporter vulnerable to improper password verification on POST `/api/v1/account/login`
effectindex/tripreporter is a community-powered, universal platform for submitting and analyzing trip reports. Prior to commit bd80ba833b9023d39ca22e29874296c8729dd53b, any user with an account on an instance of effectindex/tripreporter, e.g. subjective.report, may be affected by an improper...
Improper Password Signature Verification Vulnerability in Multiple Siemens Products
Siemens SINEMA Remote Connect is a suite of remote network management platforms from Siemens, Germany.SIMIT Simluation Platform allows simulation of plant setups in order to predict failures at an early planning stage.SINEC INS is a web-based application that combines various network services in...