CVE-2012-1581 — Mediawiki vulnerability
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 32.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 9
Latest updateMay 17
Description
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.
CVSS vector
AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9
Affected Packages3 packages
🔴Vulnerability Details
2📋Vendor Advisories
1Debian▶
CVE-2012-1581: mediawiki - MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers...↗2012
💬Community
3Bugzilla
▶