Small Space of Random Values
CVE-2023-39979
Summary
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-334 - Small Space of Random Values
The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.
References
Advisory Timeline
- Published
