5 matches found
EUVD-2024-0777
Malicious code in bioql PyPI...
Weak Cryptographic Hash
Liferay Portal is vulnerable to Weak Cryptographic Hash. The vulnerability exists due to the default password hashing algorithm PBKDF2-HMAC-SHA1 having a low work factor in the Liferay Portal. It allows attackers to crack password hashes quickly, potentially compromising user accounts and gaining...
Liferay Portal defaults to a low work factor for the default password hashing algorithm
The default password hashing algorithm PBKDF2-HMAC-SHA1 in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers...
CVE-2024-25607
The default password hashing algorithm PBKDF2-HMAC-SHA1 in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers...
CVE-2024-25607
The default password hashing algorithm PBKDF2-HMAC-SHA1 in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers...