### [CVE-2011-4432](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4432)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon before 2.3.2 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach.

### POC

#### Reference
- http://securityreason.com/securityalert/8530

#### Github
No PoCs found on GitHub currently.