Описание
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80(AAZI.0)C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid session token if multiple authenticated sessions are alive.
Уязвимые конфигурации
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
Одновременно
EPSS
5.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80(AAZI.0)C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid session token if multiple authenticated sessions are alive.
EPSS
5.3 Medium
CVSS3
6.5 Medium
CVSS3