CVE-2021-3833

Summary

Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. An attacker with a specific formatted password could exploit this vulnerability in order to login in the system with different passwords.

Affected Software

VendorProductVersion RangeStatus
ÁrticaIntegria IMS5.0.92affected

Weaknesses

  • CWE-697: CWE-697 Incorrect Comparison

ADP Enrichment

CVE Program Container

Additional References

References