Totally Secure

Security Information and News

NVD NVD Nist GOV

NVD – CVE-2021-27913

ByTotally Secure

Sep 1, 2021
Changed Description 
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control
This issue affects:
Mautic Mautic
versions prior to 3.3.4;
versions prior to 4.0.0.
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.

By Totally Secure

Related Post

NVD NVD Nist GOV

NVD – CVE-2017-20187

Nov 7, 2023 Totally Secure
NVD NVD Nist GOV

NVD – CVE-2017-7252

Nov 7, 2023 Totally Secure
NVD NVD Nist GOV

NVD – CVE-2018-25092

Nov 7, 2023 Totally Secure

You missed

CISA Bulletins Security US Cert

Vulnerability Summary for the Week of April 15, 2024

April 23, 2024 Totally Secure
CISA Bulletins Security US Cert

Vulnerability Summary for the Week of April 8, 2024

April 16, 2024 Totally Secure
CISA Bulletins Security US Cert

Vulnerability Summary for the Week of April 1, 2024

April 9, 2024 Totally Secure
CISA Bulletins Security US Cert

Vulnerability Summary for the Week of March 25, 2024

April 4, 2024 Totally Secure