| Title | Musicshelf Android 1.1 Use of Weak Hash |
|---|
| Description | Vulnerability : Weak Hashing Algorithms
Description:
It has been found that this application Musicshelf uses the SHA-1 Message_Digest Algorithm, which is weak
Remediation:
Use stronger hash algorithm's .
Severity: Medium
Location of the File :
File Path : io\fabric\sdk\android\services\network\PinningTrustManager.java
## Proof_OF_Concept
Github_Repo: https://github.com/ctflearner/Android_Findings/blob/main/Musicshelf/Weak_Hashing_Algorithms.md |
|---|
| Source | ⚠️ https://github.com/KirillMakarov/Musicshelf |
|---|
| User | Affan (UID 39417) |
|---|
| Submission | 03/10/2024 09:04 (2 years ago) |
|---|
| Moderation | 03/10/2024 12:43 (4 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 256321 [Musicshelf 1.0/1.1 on Android SHA-1 PinningTrustManager.java weak password hash] |
|---|
| Points | 20 |
|---|