PT-2024-40528 · Zend · Zend Framework 2
Published 2024-06-07 · Updated 2024-06-07
CVSS v3.1: 7.4 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
Zend Framework 2 (affected versions not specified)
Description:
The issue concerns the generation of random bytes in the Zend\Math\Rand component, which uses PHP's mt_rand() function as a fallback when the OpenSSL or Mcrypt extensions are not available. The output of mt_rand() is predictable within the same PHP process if an attacker can brute force the seed used by the Mersenne Twister algorithm. This predictability makes mt_rand() unsuitable for generating non-trivial random bytes, as it has insufficient entropy to protect against brute force attacks on the seed. Furthermore, the Zend\Validate\Csrf component generates CSRF tokens using a SHA1 hash of a salt, a random number (possibly generated using mt_rand()), and a form name. If the salt is known, an attacker can brute force the SHA1 hash to discover the random number when mt_rand() is used, potentially leading to information disclosure and predictability of other mt_rand() calls for the same PHP process.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
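The fallback pattern and token construction from the description, next to a fail-closed alternative, as an added PHP example (not Zend Framework code). The function names, the concatenation order inside sha1(), the salt and the seed value are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Weak pattern from the description: random bytes taken from mt_rand().
// Hypothetical helper, not the Zend\Math\Rand source.
function weakFallbackBytes(int $length): string
{
    $bytes = '';
    for ($i = 0; $i < $length; $i++) {
        $bytes .= chr(mt_rand(0, 255));
    }
    return $bytes;
}

// Token layout as described: SHA1 over salt, random value and form name.
// The concatenation order is an assumption.
function csrfToken(string $salt, string $random, string $formName): string
{
    return sha1($salt . $random . $formName);
}

// Hardened form: CSPRNG only (PHP 7+). random_bytes() throws when no secure
// source is available, so there is no silent downgrade to mt_rand().
function strongBytes(int $length): string
{
    return random_bytes($length);
}

$salt = 'constructed-salt';   // constructed sample value
$seed = 20240607;             // constructed sample seed

// The Mersenne Twister state is fully determined by its seed, so reseeding
// with the same value reproduces the same bytes and the same token.
mt_srand($seed);
$first = csrfToken($salt, weakFallbackBytes(16), 'login');
mt_srand($seed);
$second = csrfToken($salt, weakFallbackBytes(16), 'login');
echo 'mt_rand() tokens identical after reseed: ',
    ($first === $second ? 'yes' : 'no'), PHP_EOL;

// Tokens built on the CSPRNG do not depend on any recoverable seed.
$a = csrfToken($salt, strongBytes(16), 'login');
$b = csrfToken($salt, strongBytes(16), 'login');
echo 'random_bytes() tokens identical: ',
    ($a === $b ? 'yes' : 'no'), PHP_EOL;
```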
Use of Insufficiently Random Values
Weakness Enumeration
Related Identifiers
Affected Products
Zend Framework 2