CVE-2025-26486

Published Mar 19, 2025

Last updated 16 days ago

CVSS medium 6.0

Overview

Description
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerability in Beta80 Life 1st allows an Attacker to Bruteforce User Passwords or find a collision to gain access to a target application using BETA80 “Life 1st Identity Manager” as a service for authentication.This issue affects Life 1st: 1.5.2.14234.
Source
a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
6
Impact score
4
Exploitability score
1.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
CWE-327

Social media

Hype score
Not currently trending

  1. CVE-2025-26486 Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predic… https://t.co/IHRzxhjQNQ

    @CVEnew

    19 Mar 2025

    239 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References