← Back

CVE-2011-2190

nvd nist
Published: Oct 7, 2011Modified: Apr 29, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.

Affected (137)

Cherokee Project
1 product
Cherokee
Configuration A
137 vulnerable
Vulnerable SoftwareAffected Versions
Cherokee Project
Cherokee
Up to 1.2.98
Cherokee
Version 0.10.0
Cherokee
Version 0.10.1
Cherokee
Version 0.11.0
Cherokee
Version 0.11.1
Cherokee
Version 0.11.2
Cherokee
Version 0.11.3
Cherokee
Version 0.11.4
Cherokee
Version 0.11.5
Cherokee
Version 0.11.6
Cherokee
Version 0.3.0
Cherokee
Version 0.4.0
Cherokee
Version 0.4.10
Cherokee
Version 0.4.11
Cherokee
Version 0.4.12
Cherokee
Version 0.4.13
Cherokee
Version 0.4.14
Cherokee
Version 0.4.15
Cherokee
Version 0.4.16
Cherokee
Version 0.4.17
Cherokee
Version 0.4.18
Cherokee
Version 0.4.19
Cherokee
Version 0.4.1
Cherokee
Version 0.4.20
Cherokee
Version 0.4.21
Cherokee
Version 0.4.22
Cherokee
Version 0.4.23
Cherokee
Version 0.4.24
Cherokee
Version 0.4.25
Cherokee
Version 0.4.26
Cherokee
Version 0.4.27
Cherokee
Version 0.4.28
Cherokee
Version 0.4.29
Cherokee
Version 0.4.2
Cherokee
Version 0.4.30
Cherokee
Version 0.4.3
Cherokee
Version 0.4.4
Cherokee
Version 0.4.5
Cherokee
Version 0.4.6
Cherokee
Version 0.4.7
Cherokee
Version 0.4.8
Cherokee
Version 0.4.9
Cherokee
Version 0.5.0
Cherokee
Version 0.5.1
Cherokee
Version 0.5.2
Cherokee
Version 0.5.3
Cherokee
Version 0.5.4
Cherokee
Version 0.5.5
Cherokee
Version 0.5.6
Cherokee
Version 0.6.0
Cherokee
Version 0.6.1
Cherokee
Version 0.7.0
Cherokee
Version 0.7.1
Cherokee
Version 0.7.2
Cherokee
Version 0.8.0
Cherokee
Version 0.8.1
Cherokee
Version 0.9.0
Cherokee
Version 0.9.1
Cherokee
Version 0.9.2
Cherokee
Version 0.9.3
Cherokee
Version 0.9.4
Cherokee
Version 0.98.0
Cherokee
Version 0.98.1
Cherokee
Version 0.99.07
Cherokee
Version 0.99.0
Cherokee
Version 0.99.10
Cherokee
Version 0.99.11
Cherokee
Version 0.99.12
Cherokee
Version 0.99.13
Cherokee
Version 0.99.14
Cherokee
Version 0.99.15
Cherokee
Version 0.99.16
Cherokee
Version 0.99.17
Cherokee
Version 0.99.18
Cherokee
Version 0.99.19
Cherokee
Version 0.99.1
Cherokee
Version 0.99.20
Cherokee
Version 0.99.21
Cherokee
Version 0.99.22
Cherokee
Version 0.99.23
Cherokee
Version 0.99.24
Cherokee
Version 0.99.25
Cherokee
Version 0.99.26
Cherokee
Version 0.99.27
Cherokee
Version 0.99.28
Cherokee
Version 0.99.29
Cherokee
Version 0.99.2
Cherokee
Version 0.99.30
Cherokee
Version 0.99.31
Cherokee
Version 0.99.32
Cherokee
Version 0.99.33
Cherokee
Version 0.99.34
Cherokee
Version 0.99.35
Cherokee
Version 0.99.36
Cherokee
Version 0.99.37
Cherokee
Version 0.99.38
Cherokee
Version 0.99.39
Cherokee
Version 0.99.3
Cherokee
Version 0.99.40
Cherokee
Version 0.99.41
Cherokee
Version 0.99.42
Cherokee
Version 0.99.43
Cherokee
Version 0.99.44
Cherokee
Version 0.99.45
Cherokee
Version 0.99.46
Cherokee
Version 0.99.47
Cherokee
Version 0.99.48
Cherokee
Version 0.99.49
Cherokee
Version 0.99.4
Cherokee
Version 0.99.5
Cherokee
Version 0.99.6
Cherokee
Version 0.99.8
Cherokee
Version 0.99.9
Cherokee
Version 1.0.0
Cherokee
Version 1.0.10
Cherokee
Version 1.0.11
Cherokee
Version 1.0.12
Cherokee
Version 1.0.13
Cherokee
Version 1.0.14
Cherokee
Version 1.0.15
Cherokee
Version 1.0.16
Cherokee
Version 1.0.17
Cherokee
Version 1.0.18
Cherokee
Version 1.0.19
Cherokee
Version 1.0.1
Cherokee
Version 1.0.20
Cherokee
Version 1.0.2
Cherokee
Version 1.0.3
Cherokee
Version 1.0.4
Cherokee
Version 1.0.5
Cherokee
Version 1.0.6
Cherokee
Version 1.0.7
Cherokee
Version 1.0.8
Cherokee
Version 1.0.9
Cherokee
Version 1.2.0
Cherokee
Version 1.2.1
Cherokee
Version 1.2.2

Related CWEs

CWE-310
CWE-310

References (14)

Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.