Use of Weak Hash
| Property | |
|---|---|
| Language | clojure |
| Severity |  |
| CWE | CWE-328: Use of Weak Hash |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | High |
| Likelihood Level | Medium |
Description#
The code is using the MD5 hashing algorithm, which is outdated and insecure. MD5 can be easily broken, making it unsuitable for protecting sensitive data like passwords.
Impact#
If this vulnerability is exploited, attackers can quickly crack hashed data such as passwords or tokens, leading to unauthorized access, data breaches, and potential compromise of user accounts or sensitive information.