Vulnerabilities

CVE-2020-28597

by Fred · 03/03/2021

A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice.

Date published : 2021-03-03

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1221

Similar

Tags: Cybersecurity Alert