CVE-2021-27913
published 2021-08-30CVE-2021-27913: The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker…
PriorityP415low3.5CVSS 3.1
AVNACLPRLUIRSUCLINAN
EPSS
0.46%
36.4th percentile
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acquia | mautic | < 3.3.4 | 3.3.4 |
| acquia | mautic | — | — |
| mautic | core | >= 0 < 3.3.4 | 3.3.4 |
| mautic | core | >= 4.0.0-alpha1 < 4.0.0 | 4.0.0 |
| mautic | mautic | >= unspecified < 3.3.4 | 3.3.4 |
| mautic | mautic | >= unspecified < 4.0.0 | 4.0.0 |
CVSS provenance
nvdv3.13.5LOWCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Use of a Broken or Risky Cryptographic Algorithm
ghsa·2021-09-01
CVE-2021-27913 [LOW] CWE-327 Use of a Broken or Risky Cryptographic Algorithm
Use of a Broken or Risky Cryptographic Algorithm
## ✍️ Description
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control
## 🕵️♂️ Proof of Concept
Numerous examples and attack implementations can be found in this paper . If you're looking for a practical tool that can crack your mt_rand implementation's seed value, see this project and run the following commands in a console with php5 and OpenWall's tool installed:
`root$ php -r 'mt_srand(13333337); echo mt_rand( ), "\n";'`
After that, copy the output (1863134308) and execute the follo
OSV
Use of a Broken or Risky Cryptographic Algorithm
osv·2021-09-01
CVE-2021-27913 [LOW] Use of a Broken or Risky Cryptographic Algorithm
Use of a Broken or Risky Cryptographic Algorithm
## ✍️ Description
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control
## 🕵️♂️ Proof of Concept
Numerous examples and attack implementations can be found in this paper . If you're looking for a practical tool that can crack your mt_rand implementation's seed value, see this project and run the following commands in a console with php5 and OpenWall's tool installed:
`root$ php -r 'mt_srand(13333337); echo mt_rand( ), "\n";'`
After that, copy the output (1863134308) and execute the follo
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-08-30
Published