The host is installed with PHP 8.0.x before 8.0.29, 8.1.x before 8.1.20, or 8.2.x before 8.2.7 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an issue in the random byte generation function used in the SOAP HTTP Digest authentication code. Successful exploitation could allow attackers to lead to a disclosure of 31 bits of uninitialized memory from the client to the server, which also made easier to a malicious server to guess the client's nonce.