Vulnerability in Versa-networks Versa_analytics

CVE-2019-25030

In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction (such as MD5…

EPSS: 0.002 (11.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2019-25030?
CVE-2019-25030 is a medium-severity vulnerability in Versa-networks Versa_analytics, classified under Insufficiently Protected Credentials. CVSS score: 5.5/10. Published 2021-05-26.
How severe is CVE-2019-25030?
Medium severity. CVSS v3 base score is 5.5 out of 10.
Is CVE-2019-25030 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.