5.3

CVE-2010-3666

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Typo3Typo3 Version < 4.1.14
Typo3Typo3 Version >= 4.2.0 < 4.2.13
Typo3Typo3 Version >= 4.3.0 < 4.3.4
Typo3Typo3 Version >= 4.4.0 < 4.4.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.2% 0.642
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-330 Use of Insufficiently Random Values

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719
Third Party Advisory
Mailing List
https://security-tracker.debian.org/tracker/CVE-2010-3666
Third Party Advisory
https://typo3.org/security/advisory/typo3-sa-2010-012/#Insecure_Randomness
Vendor Advisory