CVE-2024-47182

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 27, 2024

Updated: Oct 4, 2024

CWE ID 328

CWE ID 326

Summary

CVE-2024-47182 affects Dozzle, a real-time log viewer for Docker containers, prior to version 8.5.3. The vulnerability lies in the use of SHA-256 as the password hash algorithm, rendering user accounts susceptible to rainbow table attacks. This issue has been mitigated by Dozzle's switch to bcrypt, a more secure password hash function, in version 8.5.3.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/yyMaHv
https://www.cve.org/CVERecord?id=CVE-2024-47182
https://nvd.nist.gov/vuln/detail/CVE-2024-47182

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-47182

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations