4C Strategies Exonaut Password Hashing Vulnerability in Database

Vulnerability

A vulnerability exists in 4C Strategies Exonaut version 21.6, where passwords stored in the database are hashed without the use of a salt. This lack of salting can make the hashed passwords more susceptible to attacks, such as rainbow table attacks, where precomputed tables of hashes are used to crack unsalted password hashes.

Impact

Exploitation of this vulnerability could lead to unsalted password hashes being stored in the database, increasing the risk of these hashes being cracked and the original passwords being compromised.

Added: Aug 6, 2025, 9:45 PM

Updated: Aug 6, 2025, 9:45 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

4C Strategies Exonaut Password Hashing Vulnerability in Database

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating