CVE-2016-2564

Опубликовано: 23 апр. 2017

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation.

Ссылки

https://invisionpower.com/release-notes/419-r37/
Release Notes
Vendor Advisory
https://medium.com/%40iancarroll/bypassing-authentication-in-invision-power-board-with-cve-2016-2564-9a24ea3655f9
https://invisionpower.com/release-notes/419-r37/
Release Notes
Vendor Advisory
https://medium.com/%40iancarroll/bypassing-authentication-in-invision-power-board-with-cve-2016-2564-9a24ea3655f9

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:invisioncommunity:invision_power_board:*:*:*:*:*:*:*:*

Версия до 4.1.8.1 (включая)

EPSS

Процентиль: 53%

0.00305

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-331

Связанные уязвимости

GHSA-w6pf-cx8p-259q