Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-5508

Опубликовано: 06 нояб. 2012
Источник: redhat
CVSS2: 1.8
EPSS Низкий

Описание

The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.

Отчет

Not vulnerable. This issue did not affect the versions of luci (as provided by conga) as shipped with Red Hat Enterprise Linux 5.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5congaNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-338
https://bugzilla.redhat.com/show_bug.cgi?id=874108(Plone): Python random generator used instead of system random generator

EPSS

Процентиль: 57%
0.00357
Низкий

1.8 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2012-5508

nvd
больше 11 лет назад

The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.

debian логотип

CVE-2012-5508

debian
больше 11 лет назад

The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remo ...

github логотип

GHSA-wprr-mc54-c62q

CVSS3: 5.3
github
больше 3 лет назад

Exposure of Sensitive Information in Plone

EPSS

Процентиль: 57%
0.00357
Низкий

1.8 Low

CVSS2