Bludit's SHA-1 Hashing Algorithm Vulnerable to Brute-Force Attacks
CVE-2024-24553

Currently unrated

Key Information:

Vendor: Bludit
Status: Bludit
Vendor: CVE Published:; 24 June 2024

What is CVE-2024-24553?

Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure function.

Affected Version(s)

Bludit Linux 2.0

References

https://www.redguard.ch/blog/2024/06/20/security-advisory...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2024
Vulnerability Reserved
Jan 25, 2024

Credit

Andreas Pfefferle, Redguard AG

JSON