Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-47945

Опубликовано: 15 окт. 2024
Источник: nvd
CVSS3: 9.8
CVSS3: 9.1
EPSS Низкий

Описание

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions. This is not only due to the use of an (insecure) rand() function call but also because of missing initialization via srand(). As a result only the PIDs are effectively used as seed.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:rittal:iot_interface_firmware:*:*:*:*:*:*:*:*
Версия до 6.21.00.2 (исключая)
cpe:2.3:h:rittal:iot_interface:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:rittal:cmc_iii_processing_units_firmware:*:*:*:*:*:*:*:*
Версия до 6.21.00.2 (исключая)
cpe:2.3:h:rittal:cmc_iii_processing_units:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00304
Низкий

9.8 Critical

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-340
CWE-331

Связанные уязвимости

github логотип

GHSA-3qfw-5g24-8pmq

CVSS3: 9.1
github
больше 1 года назад

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID generation algorithm. The session IDs are predictable, with only 32,768 possible values per user, which allows attackers to pre-generate valid session IDs, leading to unauthorized access to user sessions. This is not only due to the use of an (insecure) rand() function call but also because of missing initialization via srand(). As a result only the PIDs are effectively used as seed.

EPSS

Процентиль: 53%
0.00304
Низкий

9.8 Critical

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-340
CWE-331