CVE-2023-3243 (alerton_bcm-web_firmware)

** UNSUPPPORTED WHEN ASSIGNED **
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash
and utilize it to create new sessions. The hash is also a poorly salted MD5
hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a supported product such
as Alerton
ACM.] Out of an abundance of caution, this CVE ID is being assigned to
better serve our customers and ensure all …

attack brute capture cve fix hash md5 password password attack product result sessions upgrade version web