CVE-2008-1883

Blackboard Academic Suite 7.x - Info Disclosure

Title source: llm
STIX 2.1

Description

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3810
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490096/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41935

Scores

EPSS 0.0126
EPSS Percentile 66.0%

Details

CWE
CWE-287
Status published
Products (1)
blackboard/blackboard_academic_suite < 7
Published Apr 18, 2008
Tracked Since Feb 18, 2026