CVE-2021-3692
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD
Description
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
Affected (1)
Products: Yiiframework: Yii
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 2.0.0 to 2.0.43 |
Related CWEs
CWE-1241
Use of Predictable Algorithm in Random Number Generator
The device uses an algorithm that is predictable and generates a pseudo-random number.
CWE-330
Use of Insufficiently Random Values
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
References (4)
Source: security@huntr.dev
PatchThird Party Advisory
Source: security@huntr.dev
ExploitIssue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party Advisory
Timeline
No history available yet.