Vulnerability in Apache Derby

CVE-2009-4269

The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that mak…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.015 (70.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2009-4269?
CVE-2009-4269 is a vulnerability in Apache Derby, classified under Cryptographic Issues. Published 2010-08-16.
Is CVE-2009-4269 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.