Vulnerability in Redhat Enterprise_mrg

CVE-2013-6445

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.003 (53.4th percentile) — read the EPSS interpretation.

Affected products

Redhat Enterprise_mrg — versions 2.5
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

1030158 (vdb-entry, x_refsource_SECTRACK)
RHSA-2014:0441 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2014:0440 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)