CVE-2021-27913 - OpenCVE

The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Acquia	Mautic

Configuration 1 [-]

OR	cpe:2.3:a:acquia:mautic::::::::
	cpe:2.3:a:acquia:mautic:4.0.0:alpha1::::::
	cpe:2.3:a:acquia:mautic:4.0.0:beta::::::
	cpe:2.3:a:acquia:mautic:4.0.0:rc::::::

No data.

References

Link	Providers
https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mautic

Published: 2021-08-30T15:55:21.646676Z

Updated: 2024-09-16T18:08:08.248Z

Reserved: 2021-03-02T00:00:00

Link: CVE-2021-27913

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-08-30T16:15:07.457

Modified: 2021-09-03T16:43:47.267

Link: CVE-2021-27913

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Mautic", "vendor": "Mautic", "versions": [{"lessThan": "3.3.4", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "4.0.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Reported by Michael Rowley https://github.com/michaellrowley, Fixed by Mohit Aghera https://github.com/mohit-rocks"}], "datePublic": "2021-08-30T00:00:00", "descriptions": [{"lang": "en", "value": "The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-327", "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-30T15:55:21", "orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"}], "source": {"defect": ["MST-18"], "discovery": "EXTERNAL"}, "title": "Use of a Broken or Risky Cryptographic Algorithm", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mautic.org", "DATE_PUBLIC": "2021-08-30T14:06:00.000Z", "ID": "CVE-2021-27913", "STATE": "PUBLIC", "TITLE": "Use of a Broken or Risky Cryptographic Algorithm"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Mautic", "version": {"version_data": [{"version_affected": "<", "version_value": "3.3.4"}, {"version_affected": "<", "version_value": "4.0.0"}]}}]}, "vendor_name": "Mautic"}]}}, "credit": [{"lang": "eng", "value": "Reported by Michael Rowley https://github.com/michaellrowley, Fixed by Mohit Aghera https://github.com/mohit-rocks"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"}]}]}, "references": {"reference_data": [{"name": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3", "refsource": "MISC", "url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"}]}, "source": {"defect": ["MST-18"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:33:17.210Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"}]}]}, "cveMetadata": {"assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "assignerShortName": "Mautic", "cveId": "CVE-2021-27913", "datePublished": "2021-08-30T15:55:21.646676Z", "dateReserved": "2021-03-02T00:00:00", "dateUpdated": "2024-09-16T18:08:08.248Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA7B8AF8-5929-4515-9EFF-9F589FA3FFDC", "versionEndExcluding": "3.3.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:acquia:mautic:4.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "A4B8FCED-A690-45D0-ACE1-871ADA2080F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:acquia:mautic:4.0.0:beta:*:*:*:*:*:*", "matchCriteriaId": "14D56FFE-E768-4502-BA7E-6B34BFE463B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:acquia:mautic:4.0.0:rc:*:*:*:*:*:*", "matchCriteriaId": "C536B44B-C713-47D1-9EBD-E2D94CB0561E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0."}, {"lang": "es", "value": "La funci\u00f3n mt_rand es usada para generar tokens de sesi\u00f3n, esta funci\u00f3n es criptogr\u00e1ficamente defectuosa debido a que su naturaleza es una pseudoaleatoriedad, un atacante puede aprovechar la naturaleza criptogr\u00e1ficamente no segura de esta funci\u00f3n para enumerar tokens de sesi\u00f3n para cuentas que no est\u00e1n bajo su control. Este problema afecta a: Mautic versiones anteriores a 3.3.4; versiones anteriores a 4.0.0."}], "id": "CVE-2021-27913", "lastModified": "2021-09-03T16:43:47.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "security@mautic.org", "type": "Secondary"}]}, "published": "2021-08-30T16:15:07.457", "references": [{"source": "security@mautic.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"}], "sourceIdentifier": "security@mautic.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-338"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-327"}], "source": "security@mautic.org", "type": "Secondary"}]}