Use of Password Hash Instead of Password for...
High severity
Unreviewed
Published
Apr 3, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Apr 1, 2022
Published to the GitHub Advisory Database
Apr 3, 2022
Last updated
Jan 27, 2023
Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to login to the product by replaying an eavesdropped password hash.
References