Vulnerability Details CVE-2024-47182
Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches to bcrypt, a more appropriate hash for passwords, in version 8.5.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.3%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2024-47182
-
cpe:2.3:a:amirraminfar:dozzle:-