CVE-2018-12520
published 2018-07-05


Priority: P3 58 high | 8.1 CVSS 3.1
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 10.67% (95.2th percentile)

An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access.

Affected

3 ranges

Vendor | Product | Version range | Fixed in
ntop | ntopng | >= 0 < 2.2+dfsg1-1ubuntu0.1~esm2 | 2.2+dfsg1-1ubuntu0.1~esm2
ntop | ntopng | >= 0 < 3.2+dfsg1-1ubuntu0.1~esm2 | 3.2+dfsg1-1ubuntu0.1~esm2
ntop | ntopng | >= 3.4 < 3.4.180617 | 3.4.180617

CVSS provenance

nvd | v3.1 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P
osv | 8.1 | HIGH