CWE-759: Use of a One-Way Hash without a Salt.
The software uses a one-way cryptographic hash against an input that should not
be reversible, such as a password,
but the software does not also use a salt as part of the input.
V2.4 Credential Storage Requirements.(2.4.1)
Verify that passwords are stored in a form that is resistant to offline
Passwords SHALL be salted and hashed using an approved one-way key derivation
or password hashing function.
Key derivation and password hashing functions take a password, a salt,
and a cost factor as inputs when generating a password hash.