SYM_CLJ_0004 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Weak Hash
| Property | Value |
|---|---|
| Language | clojure |
| Severity |  |
| CWE | CWE-328: Use of Weak Hash |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | High |
| Likelihood Level | Medium |
Description
The code is using the MD5 hashing algorithm, which is outdated and insecure. MD5 can be easily broken, making it unsuitable for protecting sensitive data like passwords.
Impact
If this vulnerability is exploited, attackers can quickly crack hashed data such as passwords or tokens, leading to unauthorized access, data breaches, and potential compromise of user accounts or sensitive information.