CVE-2013-10004
MEDIUMTelecomsoftware SAMwin Contact Center Suite 5.1 - Predictable Authentication via SAMwinLIBVB.dll Password Handler
Title source: llmDescription
A vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. This vulnerability affects the function passwordScramble in the library SAMwinLIBVB.dll of the component Password Handler. Incorrect implementation of a hashing function leads to predictable authentication possibilities. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
http://www.modzero.ch/advisories/MZ-13-07_SAMwin_Collisions.txt
Exploit, Third Party Advisory x_refsource_misc
https://vuldb.com/?id.12790
Scores
CVSS v3
6.5
EPSS
0.0092
EPSS Percentile
55.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-287
CWE-307
Status
published
Products (2)
telecomsoftware/samwin_agent
5.01.19.06
telecomsoftware/samwin_contact_center
5.1
Published
May 24, 2022
Tracked Since
Feb 18, 2026