CVE-2014-2560

The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.
References
Link Resource
https://seclists.org/bugtraq/2014/Mar/185 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:phoner:phonerlite:*:*:*:*:*:*:*:*

Information

Published : 2020-02-12 06:15

Updated : 2020-02-14 07:30


NVD link : CVE-2014-2560

Mitre link : CVE-2014-2560


JSON object : View

CWE
CWE-916

Use of Password Hash With Insufficient Computational Effort

Advertisement

dedicated server usa

Products Affected

phoner

  • phonerlite