TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2026-5085

CRITICAL
9.1

Beschreibung

Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution. The epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers. Predictable session ids could allow an attacker to gain access to systems.

CVE Details

CVSS v3.1 Bewertung9.1
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht4/13/2026
Zuletzt geandert4/13/2026
Quellenvd
Honeypot-Sichtungen0

Schwachen (CWE)

CWE-338CWE-340

Referenzen

https://metacpan.org/dist/Solstice/source/lib/Solstice/Session.pm#L481(9b29abf9-4ab0-4765-b253-1875cd9b441e)
https://metacpan.org/dist/Solstice/source/lib/Solstice/Subsession.pm#L105(9b29abf9-4ab0-4765-b253-1875cd9b441e)
https://security.metacpan.org/docs/guides/random-data-for-security.html(9b29abf9-4ab0-4765-b253-1875cd9b441e)
http://www.openwall.com/lists/oss-security/2026/04/13/2(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.