3 matches found
CVE-2022-37164
Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...
CVE-2022-37164
CVE-2022-37164 affects Inoda OnTrack version 3.4. The issue is a weak password policy that enables brute-force access and password hashes stored without salt or pepper, making cracking with tools like hashcat feasible. This combination creates a risk of unauthorized access to the application. The...
CVE-2022-37164
Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user passwords are hashed without a salt or pepper making it much easier for tools like hashcat to crack the hashes...