CVE-2019-5440
Last modified
CVE-2019-5440 is a vulnerability of currently unknown severity. Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.. EPSS estimates a 1.58% chance of exploitation in the next 30 days.
Description
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() generates a password reset token that relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Revive-Adserver | Revive Adserver | < 4.2.1 |
References
- https://hackerone.com/reports/576504Exploit, Third Party Advisory
- https://hackerone.com/reports/576504Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-5440?
How severe is CVE-2019-5440?
How do I fix CVE-2019-5440?
Are you affected by CVE-2019-5440?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST