8.1

CVE-2018-12520

Exploit

EPSS 7.7%
Veröffentlicht 05.07.2018 20:29:00
Zuletzt bearbeitet 21.11.2024 03:45:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ntop ≫ Ntopng Version >= 3.4 < 3.4.180617

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.7%	0.915

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-335 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) but does not correctly manage seeds.

http://seclists.org/fulldisclosure/2018/Jul/14

Third Party Advisory

Exploit

Mailing List

https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f

Exploit

https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a

Patch

https://www.exploit-db.com/exploits/44973/

Third Party Advisory

Exploit

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2018-12520

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-12520

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-12520

EUVD