
CVE-2022-2921: Exposure of password hashes in notrinos/notrinos-erp

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.34648%
Published: 8/22/2022
Updated: 1/28/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name: notrinos/notrinos-erp
Ecosystem: composer
Vulnerable Versions: < 0.7
First Patched Version: 0.7

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stemmed from two key issues: 1) the use of MD5 for password hashing, and 2) the exposure of those hashes through database backups. The get_user_auth function was vulnerable because it authenticated users by comparing MD5 hashes, so any hash obtained from a backup could feasibly be cracked. The update_admin_password function (called from create_coy.php) was vulnerable because it generated and stored MD5 hashes when the admin account was created. Both functions were explicitly modified in the patch, which replaced MD5 with bcrypt via password_hash, confirming their role in the vulnerability; the commit diff shows direct MD5 usage in their pre-patch versions.
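The following PHP is an added illustration of the two patterns the analysis describes, not NotrinosERP's own code: the MD5 hash comparison beside its password_hash/password_verify replacement, extended with a migration path for rows that were hashed before the fix (which goes beyond what the advisory states). The function names follow the analysis; the `users` table, its columns and the PDO handle are assumptions.

```php
<?php
// Added illustration for CVE-2022-2921, not NotrinosERP's own code. The
// function names follow the root-cause analysis; the `users` table, its
// columns and the PDO handle are assumptions.

// BEFORE (weak): an unsalted, fast MD5 digest is stored and compared as a
// plain string. Anyone holding a copy of the table (e.g. from a downloaded
// backup) can test candidate passwords offline at very high speed.
function update_admin_password_weak(PDO $db, string $user, string $pw): void {
    $stmt = $db->prepare('UPDATE users SET password = ? WHERE user_id = ?');
    $stmt->execute([md5($pw), $user]);
}

function get_user_auth_weak(PDO $db, string $user, string $pw): bool {
    $stmt = $db->prepare('SELECT password FROM users WHERE user_id = ?');
    $stmt->execute([$user]);
    return $stmt->fetchColumn() === md5($pw);
}

// AFTER (hardened): password_hash() emits a salted bcrypt hash with a
// tunable work factor, so a leaked hash is expensive to attack, and
// password_verify() compares in constant time.
function update_admin_password(PDO $db, string $user, string $pw): void {
    $hash = password_hash($pw, PASSWORD_BCRYPT, ['cost' => 12]);
    $stmt = $db->prepare('UPDATE users SET password = ? WHERE user_id = ?');
    $stmt->execute([$hash, $user]);
}

function get_user_auth(PDO $db, string $user, string $pw): bool {
    $stmt = $db->prepare('SELECT password FROM users WHERE user_id = ?');
    $stmt->execute([$user]);
    $stored = $stmt->fetchColumn();
    if ($stored === false) return false;
    // Migration path (beyond what the advisory states): a row written before
    // the fix still holds 32 hex chars of MD5. Check it once in constant
    // time, then overwrite it with bcrypt so the weak value disappears.
    if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
        if (!hash_equals(strtolower($stored), md5($pw))) return false;
        update_admin_password($db, $user, $pw);
        return true;
    }
    if (!password_verify($pw, $stored)) return false;
    // Also re-hash when the stored cost is lower than the current policy.
    if (password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => 12])) {
        update_admin_password($db, $user, $pw);
    }
    return true;
}
```

With the hardened form, a backup that leaks the table still exposes hashes, but each guess now costs a full bcrypt computation rather than a single MD5, which is the property the patch relies on.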
