PBKDF2 usage was identified with an insufficient work factor, i.e. an iteration count (rounds) lower than modern guidelines prescribe. Per OWASP guidance, 210K iterations should be used with SHA512 Likelihood: LOW Confidence: HIGH CWE: - CWE-916: Use of Password Hash With Insufficient Computational Effort
OWASP: - A02:2021 - Cryptographic Failures