Lucene search
PRIOn knowledge basePRION:CVE-2021-27913HistoryAug 30, 2021 - 4:15 p.m.
Design/Logic Flaw
2021-08-3016:15:00
PRIOn knowledge base
www.prio-n.com
5
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mautic | eq | 4.0.0 alpha1 | |
| mautic | eq | 4.0.0 beta | |
| mautic | lt | 3.3.4 | |
| mautic | eq | 4.0.0 rc |
Related
cve
cve
CVE-2021-27913
2021-08-30 16:15:07
cvelist
cvelist
CVE-2021-27913 Use of a Broken or Risky Cryptographic Algorithm
2021-08-30 00:00:00
friendsofphp
friendsofphp
Use of a Broken or Risky Cryptographic Algorithm
1970-01-01 00:00:00
veracode
veracode
Insecure Cryptographic Function
2021-08-31 07:02:10
cnvd
cnvd
Mautic Security Feature Issue Feature Issue Vulnerability
2021-09-01 00:00:00
nvd
nvd
CVE-2021-27913
2021-08-30 16:15:07
github
github
Use of a Broken or Risky Cryptographic Algorithm
2021-09-01 18:41:06
osv
osv
Use of a Broken or Risky Cryptographic Algorithm
2021-09-01 18:41:06
CVE-2021-27913
2021-08-30 16:15:07