CVE-2019-11808 – Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in …

7 May 2019

Vuln ID: CVE-2019-11808

Published: 2019-05-07 07:29:05Z

Description: Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK’s ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.

Source: NVD.NIST.GOV

Date:

7 May 2019

Categorie(s):

NVD

Tag(s):

NVD

What is cybersecurity mesh architecture (CSMA)?3 May 2024
97% of security leaders have increased SaaS security budgets3 May 2024
New infosec products of the week: May 3, 20243 May 2024
Chinese government website security is often worryingly bad, say Chinese researchers3 May 2024
Security Excellence Awards – winners revealed!3 May 2024