CVE-2014-0841
MEDIUMIBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, 6.6.0 - Weak Password Hashing
Title source: llmDescription
IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-weak-password-hash-vulnerability-in-rational-focalpoint-cve-2014-0841/
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90704
Scores
CVSS v3
5.3
EPSS
0.0023
EPSS Percentile
13.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-326
Status
published
Products (5)
ibm/rational_focal_point
6.4
ibm/rational_focal_point
6.4.1
ibm/rational_focal_point
6.5.1
ibm/rational_focal_point
6.5.2
ibm/rational_focal_point
6.6
Published
Apr 27, 2018
Tracked Since
Feb 18, 2026