lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cloudforms_3.0_management_engine | Redhat | 5.2.1 | 5.2.1 |
Cloudforms_3.0_management_engine | Redhat | * | 5.2.4 |
Cloudforms_3.0_management_engine | Redhat | 5.2.1.6 | 5.2.1.6 |
Cloudforms_3.0_management_engine | Redhat | 5.2.3.2 | 5.2.3.2 |
Cloudforms_3.0_management_engine | Redhat | 5.2.2 | 5.2.2 |
Cloudforms_3.0_management_engine | Redhat | 5.2 | 5.2 |
Cloudforms_3.0_management_engine | Redhat | 5.2.3 | 5.2.3 |