VDB
GCVE-110-CERTCC-2010-840249
GCVE-110-CERTCC-2010-840249
Advisory PublishedCVSS 10.0/10
The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password.
Risk Scores
CVSS 2.0
10.0/10
Critical · AV:N/AC:L/Au:N/C:C/I:C/A:C
certcc-cam
certcc-cam
impact20population15exploitation0widely_known20score_current23.625ease_of_exploitation10
certcc-vrda
certcc-vrda
d1_impact3d1_population4d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score9.5remediation_levelWreport_confidenceCenvironmental_score9.494769984target_distributionNDenvironmental_vectorCDP:ND/TD:ND/CR:ND/IR:ND/AR:ND
Aliases
References
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
url
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.