CVE-2019-10855
Description
Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Computrols CBAS 18.0.0 stores password hashes as MD5('pw' + password), making them vulnerable to cracking.
Vulnerability
Computrols CBAS version 18.0.0 mishandles password hashes by using MD5 with a static prefix 'pw' concatenated with the plaintext password. For example, if the password is 'admin', the stored hash is MD5('pwadmin'). The resulting hashes are stored in a MySQL database [1].
Exploitation
An attacker who gains access to the database (e.g., through SQL injection or compromised credentials) can extract the MD5 hashes. Because the prefix is known and MD5 is fast, the attacker can perform offline dictionary or brute-force attacks to recover plaintext passwords. Once the attacker has access to the database, the attack requires no user interaction.
Impact
Successful exploitation leads to exposure of user passwords. Since the same password may be reused across other systems, this could lead to broader account compromise. The weak hashing provides no effective protection against offline cracking, allowing an attacker to recover credentials at low computational cost.
Mitigation
No official patch or fixed version has been announced in the available references [1][2]. The vendor should migrate to a strong, salted password hashing algorithm such as bcrypt or Argon2. Until a fix is applied, consider restricting database access and monitoring for unauthorized access.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
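As an added example (not code from the vendor or from the referenced advisory), the sketch below shows one way to carry out the migration recommended under Mitigation: verify a login against the legacy MD5('pw' + password) record and, on success, replace it with a per-user salted record. Python's standard-library scrypt stands in for bcrypt or Argon2; the function names, record format and scrypt parameters are assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os

LEGACY_PREFIX = b"pw"  # static prefix from the CVE description
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)  # assumed cost parameters

def legacy_hash(password: str) -> str:
    """MD5('pw' + password), the scheme described for CBAS 18.0.0."""
    return hashlib.md5(LEGACY_PREFIX + password.encode()).hexdigest()

def strong_hash(password: str, salt: bytes | None = None) -> str:
    """Salted scrypt record in an assumed 'scrypt$<salt>$<key>' format."""
    salt = salt or os.urandom(16)
    key = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return f"scrypt${salt.hex()}${key.hex()}"

def verify_and_upgrade(password: str, stored: str) -> tuple[bool, str]:
    """Check a login and return (ok, record to store afterwards).

    A legacy MD5 record that verifies is replaced by a scrypt record,
    so the weak hashes disappear as users log in.
    """
    if stored.startswith("scrypt$"):
        _, salt_hex, _ = stored.split("$")
        candidate = strong_hash(password, bytes.fromhex(salt_hex))
        return hmac.compare_digest(candidate, stored), stored
    ok = hmac.compare_digest(legacy_hash(password), stored)
    return ok, (strong_hash(password) if ok else stored)

if __name__ == "__main__":
    # Constructed sample rows: two users who chose the same password.
    users = {"alice": legacy_hash("admin"), "bob": legacy_hash("admin")}
    # Without a per-user salt, equal passwords give equal records.
    print("legacy records identical:", users["alice"] == users["bob"])
    for name in users:
        ok, users[name] = verify_and_upgrade("admin", users[name])
    print("upgraded records identical:", users["alice"] == users["bob"])
```

Records that are never upgraded because the user does not log in remain in the weak format, so a deployment would also need a forced reset or expiry for those accounts.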
Affected products
- Computrols/CBAS
  - Range: = 18.0.0
Patches
No patches discovered yet.
References
- applied-risk.com/index.php/download_file/view/196/165 (mitre, x_refsource_MISC)
- applied-risk.com/labs/advisories (mitre, x_refsource_MISC)