Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability - CVE-2021-22948 - Vulnerability Database
ReviveAdserver

ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability - CVE-2021-22948

High
Reference: CVE-2021-22948
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-22948
Title: ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Overview:

Vulnerability in the generation of session IDs in revive-adserver lt 5.3.0 based on the cryptographically insecure uniqid() PHP function. Under some circumstances an attacker could theoretically be able to brute force session IDs in order to take over a specific account.