CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27913

The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.3%

CVSS Severity

CVSS v3 Score 3.5

CVSS v2 Score 3.5

References

Products affected by CVE-2021-27913

Acquia » Mautic » Version: N/A

cpe:2.3:a:acquia:mautic:-
Acquia » Mautic » Version: 1.0.0

cpe:2.3:a:acquia:mautic:1.0.0
Acquia » Mautic » Version: 1.0.1

cpe:2.3:a:acquia:mautic:1.0.1
Acquia » Mautic » Version: 1.0.2

cpe:2.3:a:acquia:mautic:1.0.2
Acquia » Mautic » Version: 1.0.3

cpe:2.3:a:acquia:mautic:1.0.3
Acquia » Mautic » Version: 1.0.4

cpe:2.3:a:acquia:mautic:1.0.4
Acquia » Mautic » Version: 1.0.5

cpe:2.3:a:acquia:mautic:1.0.5
Acquia » Mautic » Version: 1.1.0

cpe:2.3:a:acquia:mautic:1.1.0
Acquia » Mautic » Version: 1.1.1

cpe:2.3:a:acquia:mautic:1.1.1
Acquia » Mautic » Version: 1.1.2

cpe:2.3:a:acquia:mautic:1.1.2
Acquia » Mautic » Version: 1.1.3

cpe:2.3:a:acquia:mautic:1.1.3
Acquia » Mautic » Version: 1.2.0

cpe:2.3:a:acquia:mautic:1.2.0
Acquia » Mautic » Version: 1.2.1

cpe:2.3:a:acquia:mautic:1.2.1
Acquia » Mautic » Version: 1.2.2

cpe:2.3:a:acquia:mautic:1.2.2
Acquia » Mautic » Version: 1.2.3

cpe:2.3:a:acquia:mautic:1.2.3
Acquia » Mautic » Version: 1.2.4

cpe:2.3:a:acquia:mautic:1.2.4
Acquia » Mautic » Version: 1.3.0

cpe:2.3:a:acquia:mautic:1.3.0
Acquia » Mautic » Version: 1.3.1

cpe:2.3:a:acquia:mautic:1.3.1
Acquia » Mautic » Version: 1.4.0

cpe:2.3:a:acquia:mautic:1.4.0
Acquia » Mautic » Version: 1.4.1

cpe:2.3:a:acquia:mautic:1.4.1
Acquia » Mautic » Version: 2.0.0

cpe:2.3:a:acquia:mautic:2.0.0
Acquia » Mautic » Version: 2.0.1

cpe:2.3:a:acquia:mautic:2.0.1
Acquia » Mautic » Version: 2.1.0

cpe:2.3:a:acquia:mautic:2.1.0
Acquia » Mautic » Version: 2.1.1

cpe:2.3:a:acquia:mautic:2.1.1
Acquia » Mautic » Version: 2.10.0

cpe:2.3:a:acquia:mautic:2.10.0
Acquia » Mautic » Version: 2.10.1

cpe:2.3:a:acquia:mautic:2.10.1
Acquia » Mautic » Version: 2.11.0

cpe:2.3:a:acquia:mautic:2.11.0
Acquia » Mautic » Version: 2.12.0

cpe:2.3:a:acquia:mautic:2.12.0
Acquia » Mautic » Version: 2.12.1

cpe:2.3:a:acquia:mautic:2.12.1
Acquia » Mautic » Version: 2.12.2

cpe:2.3:a:acquia:mautic:2.12.2
Acquia » Mautic » Version: 2.13.0

cpe:2.3:a:acquia:mautic:2.13.0
Acquia » Mautic » Version: 2.13.1

cpe:2.3:a:acquia:mautic:2.13.1
Acquia » Mautic » Version: 2.14.0

cpe:2.3:a:acquia:mautic:2.14.0
Acquia » Mautic » Version: 2.14.1

cpe:2.3:a:acquia:mautic:2.14.1
Acquia » Mautic » Version: 2.14.2

cpe:2.3:a:acquia:mautic:2.14.2
Acquia » Mautic » Version: 2.15.0

cpe:2.3:a:acquia:mautic:2.15.0
Acquia » Mautic » Version: 2.15.1

cpe:2.3:a:acquia:mautic:2.15.1
Acquia » Mautic » Version: 2.15.2

cpe:2.3:a:acquia:mautic:2.15.2
Acquia » Mautic » Version: 2.16.5

cpe:2.3:a:acquia:mautic:2.16.5
Acquia » Mautic » Version: 2.2.0

cpe:2.3:a:acquia:mautic:2.2.0
Acquia » Mautic » Version: 2.2.1

cpe:2.3:a:acquia:mautic:2.2.1
Acquia » Mautic » Version: 2.3.0

cpe:2.3:a:acquia:mautic:2.3.0
Acquia » Mautic » Version: 2.4.0

cpe:2.3:a:acquia:mautic:2.4.0
Acquia » Mautic » Version: 2.5.0

cpe:2.3:a:acquia:mautic:2.5.0
Acquia » Mautic » Version: 2.5.1

cpe:2.3:a:acquia:mautic:2.5.1
Acquia » Mautic » Version: 2.6.0

cpe:2.3:a:acquia:mautic:2.6.0
Acquia » Mautic » Version: 2.6.1

cpe:2.3:a:acquia:mautic:2.6.1
Acquia » Mautic » Version: 2.7.0

cpe:2.3:a:acquia:mautic:2.7.0
Acquia » Mautic » Version: 2.7.1

cpe:2.3:a:acquia:mautic:2.7.1
Acquia » Mautic » Version: 2.8.0

cpe:2.3:a:acquia:mautic:2.8.0
Acquia » Mautic » Version: 2.8.1

cpe:2.3:a:acquia:mautic:2.8.1
Acquia » Mautic » Version: 2.8.2

cpe:2.3:a:acquia:mautic:2.8.2
Acquia » Mautic » Version: 2.9.0

cpe:2.3:a:acquia:mautic:2.9.0
Acquia » Mautic » Version: 2.9.1

cpe:2.3:a:acquia:mautic:2.9.1
Acquia » Mautic » Version: 2.9.2

cpe:2.3:a:acquia:mautic:2.9.2
Acquia » Mautic » Version: 3.0.0

cpe:2.3:a:acquia:mautic:3.0.0
Acquia » Mautic » Version: 3.0.1

cpe:2.3:a:acquia:mautic:3.0.1
Acquia » Mautic » Version: 3.0.2

cpe:2.3:a:acquia:mautic:3.0.2
Acquia » Mautic » Version: 3.1.0

cpe:2.3:a:acquia:mautic:3.1.0
Acquia » Mautic » Version: 3.1.1

cpe:2.3:a:acquia:mautic:3.1.1
Acquia » Mautic » Version: 3.1.2

cpe:2.3:a:acquia:mautic:3.1.2
Acquia » Mautic » Version: 3.2.0

cpe:2.3:a:acquia:mautic:3.2.0
Acquia » Mautic » Version: 3.2.1

cpe:2.3:a:acquia:mautic:3.2.1
Acquia » Mautic » Version: 3.2.2

cpe:2.3:a:acquia:mautic:3.2.2
Acquia » Mautic » Version: 3.2.3

cpe:2.3:a:acquia:mautic:3.2.3
Acquia » Mautic » Version: 3.2.4

cpe:2.3:a:acquia:mautic:3.2.4
Acquia » Mautic » Version: 3.2.5

cpe:2.3:a:acquia:mautic:3.2.5
Acquia » Mautic » Version: 3.3.0

cpe:2.3:a:acquia:mautic:3.3.0
Acquia » Mautic » Version: 3.3.1

cpe:2.3:a:acquia:mautic:3.3.1
Acquia » Mautic » Version: 3.3.2

cpe:2.3:a:acquia:mautic:3.3.2
Acquia » Mautic » Version: 3.3.3

cpe:2.3:a:acquia:mautic:3.3.3
Acquia » Mautic » Version: 4.0.0

cpe:2.3:a:acquia:mautic:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27913

Products

Pricing

Contact Us