What is GHSA-w259-g563-xw2j?

GHSA-w259-g563-xw2j is a security advisory published by GitHub Security Advisories with Medium severity. A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 ...

Which CVE IDs does GHSA-w259-g563-xw2j cover?

GHSA-w259-g563-xw2j covers the following CVE IDs: CVE-2020-28214. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-w259-g563-xw2j?

GHSA-w259-g563-xw2j has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-w259-g563-xw2jMediumCVSS 5.5

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 ...

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2020-28214 →

📋 Description

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2020-28214
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-04
https://www.se.com/ww/en/download/document/SEVD-2020-315-05
https://github.com/advisories/GHSA-w259-g563-xw2j