CVE-2016-6340

Published: Sep 22, 2016Modified: May 6, 2026

8.4

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: NVD

Description

The kickstart file in Red Hat QuickStart Cloud Installer (QCI) forces use of MD5 passwords on deployed systems, which makes it easier for attackers to determine cleartext passwords via a brute-force attack.

Affected (1)

Products: Redhat: Quickstart Cloud Installer

Redhat

1 product

Quickstart Cloud Installer

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Redhat Quickstart Cloud Installer	All versions

Running on/with	Platform Versions
Redhat Enterprise Linux	All versions

Related CWEs

CWE-254

References (4)

http://www.securityfocus.com/bid/92655

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1370315

Source: secalert@redhat.com

Issue TrackingVDB EntryVendor Advisory

http://www.securityfocus.com/bid/92655

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1370315

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVDB EntryVendor Advisory

Timeline

No history available yet.