CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-3833

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. An attacker with a specific formatted password could exploit this vulnerability in order to login in the system with different passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://integriaims.com/en/services/updates/
https://www.incibe.es/en/incibe-cert/notices/aviso/integria-ims-incorrect-authorization
https://integriaims.com/en/services/updates/
https://www.incibe.es/en/incibe-cert/notices/aviso/integria-ims-incorrect-authorization

Products affected by CVE-2021-3833

Artica » Integria Ims » Version: 5.0.92

cpe:2.3:a:artica:integria_ims:5.0.92

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3833

Products

Pricing

Contact Us