CVE-2019-5440
8.1HIGHUse of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery f
Опубликовано: 5/28/2019Обновлено: 11/21/2024
Описание
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.
ИИ-АнализНа базе ИИ
Затронутые продукты
revive-adserverrevive_adserver
Ссылки
- https://hackerone.com/reports/576504ExploitThird Party Advisory
- https://hackerone.com/reports/576504ExploitThird Party Advisory