Percona Toolkit: Insufficient Computational Effort in Password Hashing Leading to Encryption Brute F
CVE-2024-7701 Published on December 15, 2024
Misuse of SHA256 to create an encryption key
Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0.
Weakness Type
Use of Password Hash With Insufficient Computational Effort
The software generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
Products Associated with CVE-2024-7701
Want to know whenever a new CVE is published for Percona Toolkit? stack.watch will email you.
Affected Versions
percona-toolkit Version 3.6.0 is affected by CVE-2024-7701Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.