logo

Database

Insecure encryption algorithm In dolibarr/dolibarr

Description

Dolibarr ERP and CRM Insecure Encryption Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2017-78882. NVD-2017-78883. OSV-2017-78884. GCVE-2017-7888

References

1. https://www.foxmole.com/advisories/foxmole-2017-02-23.txt

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.