CVE-2026-5085: CWE-340 Generation of Predictable Numbers or Identifiers in MCRAWFOR Solstice::Session
Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution. The epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers. Predictable session ids could allow an attacker to gain access to systems.
AI Analysis
Technical Summary
Solstice::Session versions through 1440 for Perl generate session identifiers insecurely by combining an MD5 digest seeded with predictable or low-entropy values: epoch time, a stringified hash reference, the built-in rand() function (which is seeded with only 16 bits), and the process ID. The same insecure method is used in Solstice::Subsession. Because these inputs can be guessed or predicted, session IDs are vulnerable to prediction attacks, potentially allowing unauthorized access. No CVSS score or vendor advisory is available, and no patch links are provided.
Potential Impact
The vulnerability allows attackers to predict session IDs due to weak entropy in their generation. This can lead to session hijacking or unauthorized access to systems relying on Solstice::Session for session management. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider implementing additional session management controls or replacing Solstice::Session with a more secure alternative that uses cryptographically secure random number generation for session IDs.
CVE-2026-5085: CWE-340 Generation of Predictable Numbers or Identifiers in MCRAWFOR Solstice::Session
Description
Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution. The epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers. Predictable session ids could allow an attacker to gain access to systems.
CVSS v3.1
Score 9.1critical
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Solstice::Session versions through 1440 for Perl generate session identifiers insecurely by combining an MD5 digest seeded with predictable or low-entropy values: epoch time, a stringified hash reference, the built-in rand() function (which is seeded with only 16 bits), and the process ID. The same insecure method is used in Solstice::Subsession. Because these inputs can be guessed or predicted, session IDs are vulnerable to prediction attacks, potentially allowing unauthorized access. No CVSS score or vendor advisory is available, and no patch links are provided.
Potential Impact
The vulnerability allows attackers to predict session IDs due to weak entropy in their generation. This can lead to session hijacking or unauthorized access to systems relying on Solstice::Session for session management. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider implementing additional session management controls or replacing Solstice::Session with a more secure alternative that uses cryptographically secure random number generation for session IDs.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- CPANSec
- Date Reserved
- 2026-03-28T19:20:25.997Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69dcd01e82d89c981fbb28d7
Added to database: 4/13/2026, 11:14:38 AM
Last enriched: 4/13/2026, 11:17:27 AM
Last updated: 5/29/2026, 1:06:01 PM
Views: 103
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.