8.1

CVE-2019-5440

Exploit

EPSS 0.38%
Veröffentlicht 28.05.2019 19:29:06
Zuletzt bearbeitet 21.11.2024 04:44:56
Quelle support@hackerone.com
CVE-Watchlists
Login
Unerledigt
Login

Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Revive-adserver ≫ Revive Adserver Version < 4.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.584

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

https://hackerone.com/reports/576504

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2019-5440

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-5440

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-5440

EUVD