[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-18197":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":47,"name":48,"published":49,"updated":34},18197,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":42,"epss_percentile":43,"cve":44,"in_cisa_catalog":46,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"The flaw is due to a weaknesses in the password hash generation algorithm used in Derby to store passwords in the database, performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions. Successful exploitation will let remote attackers to crack passwords by generating hash collisions.","Apache Derby is prone to an information disclosure vulnerability.","Upgrade to Apache Derby version 10.6.1.0 or later.",[39,40,41],"http://marcellmajor.com/derbyhash.html","https://issues.apache.org/jira/browse/DERBY-4483","http://db.apache.org/derby/releases/release-10.6.1.0.cgi#Fix+for+Security+Bug+CVE-2009-4269",0.00784,0.73719,[45],"CVE-2009-4269",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.801284","Apache Derby Information Disclosure Vulnerability","2018-01-02T00:00:00Z"]