CVE-2024-24553 Information

Description

Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition the salt that is computed by Bludit is generated with a non-cryptographically secure function.

Reference

https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/