Insecure service configuration - Salt
Description
Salt is generated in an insecure way, which makes the password easier to guess.
Impact
Obtain valid credentials through dictionary attacks.
Recommendation
Generate the Salt with a secure hashing function.
Threat
Anonymous attacker from the Internet.
Expected Remediation Time
⏱️ 30 minutes.
Requirements
266 - Disable insecure functionalitiesRules
Dart Hardcoded Salt In Pbkdf2Javascript Hardcoded Salt In HashDart Cryptography Hardcoded SaltJava Hardcoded Salt LiteralDart Pointycastle Argon2 Hardcoded SaltKotlin Hardcoded Salt ValueC Sharp Hardcoded Plaintext SaltJava Hardcoded Salt Pbkdf2Scala Hash Without SaltJava One Way Hash Without SaltGo Hardcoded Salt In ScryptTypescript Hardcoded Salt In HashPhp Hardcoded Salt In HashGo Hardcoded Salt In Pbkdf2Kotlin Hardcoded Salt BytesScala Hardcoded Salt In HashFixes