CVE-2019-5440

2019-05-28T19:29:00
ID CVE-2019-5440
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:50:00

Description

Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.