CVE-2019-12737
First published: Wed Oct 02 2019(Updated: )
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains Ktor | <=1.1.5 | |
| JetBrains Ktor | =1.2.0-rc |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-12737?
CVE-2019-12737 is a vulnerability in the JetBrains Ktor framework before version 1.2.0-rc that uses a One-Way Hash with a Predictable Salt for storing user credentials.
How does CVE-2019-12737 affect JetBrains Ktor?
CVE-2019-12737 affects JetBrains Ktor versions up to and including 1.1.5, and version 1.2.0-rc.
What is the severity of CVE-2019-12737?
CVE-2019-12737 has a severity level of medium, with a CVSS score of 5.3.
How can I fix CVE-2019-12737 in JetBrains Ktor?
To fix CVE-2019-12737 in JetBrains Ktor, you should upgrade to version 1.2.0-rc or later.
Where can I find more information about CVE-2019-12737?
For more information about CVE-2019-12737, you can refer to the following link: [JetBrains Security Bulletin Q2 2019](https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/)
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains ktor
- version/jetbrains ktor/1.1.5
- version/jetbrains ktor/1.2.0-rc