This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system.
Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system.
                
            Metrics
Affected Vendors & Products
References
        History
                    Mon, 23 Sep 2024 12:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 23 Sep 2024 11:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. | This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. | 
| Metrics | cvssV3_1 
 | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: CERT-In
Published: 2024-03-06T11:34:42.570Z
Updated: 2024-09-23T11:17:20.089Z
Reserved: 2024-02-05T07:50:59.669Z
Link: CVE-2024-25102
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-01T23:36:21.612Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2024-03-06T12:15:45.327
Modified: 2024-11-21T09:00:15.760
Link: CVE-2024-25102
 Redhat
                        Redhat
                    No data.