CVE-2024-29886
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-29886 is a vulnerability affecting Serverpod, an app and web server utilized in the Flutter and Dart ecosystem. The issue lies in the old password hash algorithm, which makes the server susceptible to rainbow attacks if an attacker gains access to the database. This vulnerability is resolved by updating to Serverpod version 1.2.6. Prior to the update, the server's password security relied on an outdated algorithm, increasing the risk of unauthorized access through brute-force methods. By upgrading, users can mitigate the threat and secure their Serverpod implementations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.