vulnerability
SUSE: CVE-2016-5100: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Feb 13, 2017 | Mar 17, 2021 | Mar 17, 2021 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 13, 2017
Added
Mar 17, 2021
Modified
Mar 17, 2021
Description
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
Solution
suse-upgrade-froxlor
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.