CVE-2019-5440
8.1HIGHUse of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery f
Veröffentlicht: 5/28/2019Aktualisiert: 11/21/2024
Beschreibung
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.
KI-AnalyseKI-gestützt
Betroffene Produkte
revive-adserverrevive_adserver
Referenzen
- https://hackerone.com/reports/576504ExploitThird Party Advisory
- https://hackerone.com/reports/576504ExploitThird Party Advisory