CVE-2014-3489 Information

Description

lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt which makes it easier for remote attackers to guess passwords via a brute force attack.

Reference

http://rhn.redhat.com/errata/RHSA-2014-0816.html http://www.securityfocus.com/bid/68299