Wind River Support Network

HomeDefectsLIN1021-6796
Fixed

LIN1021-6796 : Security Advisory - botan - CVE-2017-7252

Created: Nov 5, 2023    Updated: Nov 22, 2023
Resolved Date: Nov 22, 2023
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

CREATE(Triage):(User=admin) CVE-2017-7252 (https://nvd.nist.gov/vuln/detail/CVE-2017-7252)
Live chat
Online