CVE-2025-26486

{"id": "CVE-2025-26486", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.5}]}, "published": "2025-03-19T16:15:31.457", "references": [{"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-26486", "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "description": [{"lang": "en", "value": "CWE-327"}, {"lang": "en", "value": "CWE-328"}, {"lang": "en", "value": "CWE-760"}, {"lang": "en", "value": "CWE-916"}]}], "descriptions": [{"lang": "en", "value": "Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash \nWith Insufficient Computational Effort, Use of Weak Hash, Use of a \nOne-Way Hash with a Predictable Salt vulnerability in Beta80 Life 1st \nallows an \nAttacker to Bruteforce User\nPasswords or find a collision to gain access to a target application using BETA80\n\u201cLife 1st Identity Manager\u201d as a service for authentication.This issue affects Life 1st: 1.5.2.14234."}], "lastModified": "2025-03-19T16:15:31.457", "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158"}