CVE-2014-2354

Cogent DataHub <7.3.5 - Info Disclosure

Title source: llm

Description

Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

References (3)

[Various Sources] http://cogentdatahub.com/Download_Software.html

[US Government Resource] http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-02

Scores

EPSS 0.0010

EPSS Percentile 28.4%

Classification

CWE

CWE-255 CWE-916

Status draft

Affected Products (12)

cogentdatahub/cogent_datahub < 7.3.4

cogentdatahub/cogent_datahub

Timeline

Published May 30, 2014

Tracked Since Feb 18, 2026