6.8 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
90.0%
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.
secunia.com/advisories/33617
secunia.com/advisories/33679
typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
www.debian.org/security/2009/dsa-1711
www.securityfocus.com/bid/33376
exchange.xforce.ibmcloud.com/vulnerabilities/48132