CVE-2016-3735 Information

Description

Piwigo is image gallery software written in PHP. When a criteria is not met on a host piwigo defaults to usingmt_rand in order to generate password reset tokens. mt_rand output can be predicted after recovering the seed used to generate it. This low an unauthenticated attacker to take over an account providing they know an administrators email address in order to be able to request password reset.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/Piwigo/Piwigo/issues/470 https://github.com/Piwigo/Piwigo/commit/f51ee90c66527fd7ff634f3e8d414cb670da068d http://piwigo.org/release-2.8.1

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.1