CWE-330
DiscouragedUse of Insufficiently Random Values
Abstraction: Class · Status: Stable
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
446 vulnerabilities reference this CWE, most recent first.
GHSA-4248-P65P-HCRM
Vulnerability from github – Published: 2024-01-03 16:14 – Updated: 2024-11-18 16:26CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string and impersonate a user thereby obtaining higher privileges.
When CubeFS creates new users, it creates a piece of sensitive information for the user called the “accessKey”. To create the "accesKey", CubeFS uses an insecure string generator which makes it easy to guess and thereby impersonate the created user.
An attacker could leverage the predictable random string generator and guess a users access key and impersonate the user to obtain higher privileges.
There is no evidence of this vulnerability being exploited in the wild. It was found during a security audit carried out by Ada Logics in collaboration with OSTIF and the CNCF.
The issue has been fixed in v3.3.1. There is no other mitigation than to upgrade.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/cubefs/cubefs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-46740"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-03T16:14:08Z",
"nvd_published_at": "2024-01-03T17:15:10Z",
"severity": "HIGH"
},
"details": "CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string and impersonate a user thereby obtaining higher privileges.\n\nWhen CubeFS creates new users, it creates a piece of sensitive information for the user called the \u201caccessKey\u201d. To create the \"accesKey\", CubeFS uses an insecure string generator which makes it easy to guess and thereby impersonate the created user. \n\nAn attacker could leverage the predictable random string generator and guess a users access key and impersonate the user to obtain higher privileges.\n\nThere is no evidence of this vulnerability being exploited in the wild. It was found during a security audit carried out by [Ada Logics](https://adalogics.com/) in collaboration with [OSTIF](https://ostif.org/) and the [CNCF](https://www.cncf.io/).\n\nThe issue has been fixed in v3.3.1. There is no other mitigation than to upgrade.",
"id": "GHSA-4248-p65p-hcrm",
"modified": "2024-11-18T16:26:34Z",
"published": "2024-01-03T16:14:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/cubefs/cubefs/security/advisories/GHSA-4248-p65p-hcrm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46740"
},
{
"type": "WEB",
"url": "https://github.com/cubefs/cubefs/commit/8555c6402794cabdf2cc025c8bea1576122c07ba"
},
{
"type": "PACKAGE",
"url": "https://github.com/cubefs/cubefs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L",
"type": "CVSS_V4"
}
],
"summary": "Insecure random string generator used for sensitive data"
}
GHSA-44R7-7P62-Q3FR
Vulnerability from github – Published: 2021-05-18 21:09 – Updated: 2023-08-29 22:33The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/miekg/dns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.25"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-19794"
],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-338"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-18T20:42:52Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.",
"id": "GHSA-44r7-7p62-q3fr",
"modified": "2023-08-29T22:33:25Z",
"published": "2021-05-18T21:09:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19794"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/issues/3519"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/issues/3547"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/issues/1037"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/issues/1043"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/pull/1044"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/compare/v1.1.24...v1.1.25"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2020-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "miekg/dns insecurely generates random numbers"
}
GHSA-469J-6572-RHPJ
Vulnerability from github – Published: 2025-11-25 09:31 – Updated: 2025-11-25 09:31An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.
{
"affected": [],
"aliases": [
"CVE-2025-59371"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-25T08:15:52Z",
"severity": "HIGH"
},
"details": "An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models.\nRefer to the \u0027Security Update for ASUS Router Firmware\u0027 section on the ASUS Security Advisory for more information.",
"id": "GHSA-469j-6572-rhpj",
"modified": "2025-11-25T09:31:24Z",
"published": "2025-11-25T09:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59371"
},
{
"type": "WEB",
"url": "https://www.asus.com/security-advisory"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-47G5-G8GC-H4QG
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2023-06-30 18:31Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages.
{
"affected": [],
"aliases": [
"CVE-2021-27499"
],
"database_specific": {
"cwe_ids": [
"CWE-329",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-02T21:15:00Z",
"severity": "MODERATE"
},
"details": "Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages.",
"id": "GHSA-47g5-g8gc-h4qg",
"modified": "2023-06-30T18:31:00Z",
"published": "2022-05-24T19:09:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27499"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4974-QRR5-PM93
Vulnerability from github – Published: 2024-02-06 00:30 – Updated: 2025-03-24 15:30The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access.
{
"affected": [],
"aliases": [
"CVE-2024-0761"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-05T22:16:04Z",
"severity": "HIGH"
},
"details": "The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access.",
"id": "GHSA-4974-qrr5-pm93",
"modified": "2025-03-24T15:30:32Z",
"published": "2024-02-06T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0761"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_folder_manager.php?old=2984933\u0026old_path=wp-file-manager%2Ftrunk%2Ffile_folder_manager.php"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_folder_manager.php?old=2984933\u0026old_path=wp-file-manager/trunk/file_folder_manager.php"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/wp-file-manager"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1928f8e4-8bbe-4a3f-8284-aa12ca2f5176?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4998-58VC-P397
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806.
{
"affected": [],
"aliases": [
"CVE-2017-12361"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-30T09:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber client. An attacker could exploit this vulnerability to gain information to conduct additional attacks. The vulnerability is due to the way Cisco Jabber for Windows handles random number generation for file folders. An attacker could exploit the vulnerability by fixing the random number data used to establish Secure Sockets Layer (SSL) connections between clients. An exploit could allow the attacker to decrypt secure communications made by the Cisco Jabber for Windows client. Cisco Bug IDs: CSCve44806.",
"id": "GHSA-4998-58vc-p397",
"modified": "2022-05-13T01:37:48Z",
"published": "2022-05-13T01:37:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12361"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101994"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039915"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4C4W-3Q45-HP9J
Vulnerability from github – Published: 2017-10-24 18:33 – Updated: 2023-01-25 22:56The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "aescrypt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2013-7463"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T20:58:06Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.",
"id": "GHSA-4c4w-3q45-hp9j",
"modified": "2023-01-25T22:56:46Z",
"published": "2017-10-24T18:33:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7463"
},
{
"type": "WEB",
"url": "https://github.com/Gurpartap/aescrypt/issues/4"
},
{
"type": "PACKAGE",
"url": "https://github.com/Gurpartap/aescrypt"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/aescrypt/CVE-2013-7463.yml"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200227173428/http://www.securityfocus.com/bid/98035"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Aescrypt does not sufficiently use random values"
}
GHSA-4F4H-4MVR-GM9G
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2024-04-04 02:46An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secret_key values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to estimate the time of first provisioning of a robot, he is able to brute force the generated secret_key of the robot. This is because the entropy of the secret_key exclusively relies on these two values, due to not seeding the random generator and using several constant inputs for secret_key computation. Serial numbers are printed on the packaging and equal the MAC address of the robot.
{
"affected": [],
"aliases": [
"CVE-2018-19441"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-27T19:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secret_key values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to estimate the time of first provisioning of a robot, he is able to brute force the generated secret_key of the robot. This is because the entropy of the secret_key exclusively relies on these two values, due to not seeding the random generator and using several constant inputs for secret_key computation. Serial numbers are printed on the packaging and equal the MAC address of the robot.",
"id": "GHSA-4f4h-4mvr-gm9g",
"modified": "2024-04-04T02:46:58Z",
"published": "2022-05-24T17:07:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19441"
},
{
"type": "WEB",
"url": "https://www.usenix.org/system/files/woot19-paper_ullrich.pdf"
},
{
"type": "WEB",
"url": "https://www.youtube.com/watch?v=k5nj7Jhwn9c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4FG2-48MJ-XWJM
Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
This vulnerability is due to insufficient error checking when processing SAML messages. An attacker could exploit this vulnerability by sending crafted SAML messages to the SAML service. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
{
"affected": [],
"aliases": [
"CVE-2026-20101"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-04T18:16:25Z",
"severity": "HIGH"
},
"details": "A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\n\n This vulnerability is due to insufficient error checking when processing SAML messages. An attacker could exploit this vulnerability by sending crafted SAML messages to the SAML service. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",
"id": "GHSA-4fg2-48mj-xwjm",
"modified": "2026-03-04T18:31:55Z",
"published": "2026-03-04T18:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20101"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-m9sx6MbC"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4GH8-X3VV-PHHG
Vulnerability from github – Published: 2021-05-18 18:30 – Updated: 2023-01-10 16:09Impact
The siftool new command and func siftool.New() produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency.
Patches
A patch is available in version >= v1.2.3 of the module. Users are encouraged to upgrade.
The patch is commit https://github.com/sylabs/sif/commit/193962882122abf85ff5f5bcc86404933e71c07d
Workarounds
Users passing CreateInfo struct should ensure the ID field is generated using a version of github.com/satori/go.uuid that is not vulnerable to this issue. Unfortunately, the latest tagged release is vulnerable to this issue. One way to obtain a non-vulnerable version is:
go get github.com/satori/go.uuid@75cca531ea763666bc46e531da3b4c3b95f64557
References
- https://github.com/satori/go.uuid/issues/73
For more information
If you have any questions or comments about this advisory: * Open an issue in github.com/sylabs/sif * Email us at security@sylabs.io
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/sylabs/sif"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-29499"
],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-340"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-07T17:01:30Z",
"nvd_published_at": "2021-05-07T21:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\n\nThe `siftool new` command and [func siftool.New()](https://pkg.go.dev/github.com/sylabs/sif/pkg/siftool#New) produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency.\n\n### Patches\n\nA patch is available in version \u003e= v1.2.3 of the module. Users are encouraged to upgrade.\n\nThe patch is commit https://github.com/sylabs/sif/commit/193962882122abf85ff5f5bcc86404933e71c07d\n\n### Workarounds\nUsers passing [CreateInfo struct](https://pkg.go.dev/github.com/sylabs/sif/pkg/sif#CreateInfo) should ensure the `ID` field is generated using a version of `github.com/satori/go.uuid` that is not vulnerable to this issue. Unfortunately, the latest tagged release is vulnerable to this issue. One way to obtain a non-vulnerable version is:\n\n```\ngo get github.com/satori/go.uuid@75cca531ea763666bc46e531da3b4c3b95f64557\n```\n\n### References\n* https://github.com/satori/go.uuid/issues/73\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [github.com/sylabs/sif](https://github.com/sylabs/sif/issues/new)\n* Email us at [security@sylabs.io](mailto:security@sylabs.io)\n",
"id": "GHSA-4gh8-x3vv-phhg",
"modified": "2023-01-10T16:09:36Z",
"published": "2021-05-18T18:30:38Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/sylabs/sif/security/advisories/GHSA-4gh8-x3vv-phhg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29499"
},
{
"type": "WEB",
"url": "https://github.com/satori/go.uuid/issues/73"
},
{
"type": "WEB",
"url": "https://github.com/sylabs/sif/commit/193962882122abf85ff5f5bcc86404933e71c07d"
},
{
"type": "PACKAGE",
"url": "https://github.com/sylabs/sif"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Predictable SIF UUID Identifiers in github.com/sylabs/sif"
}
Mitigation
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation MIT-2
Strategy: Libraries or Frameworks
Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.