CWE-330
DiscouragedUse of Insufficiently Random Values
Abstraction: Class · Status: Stable
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
446 vulnerabilities reference this CWE, most recent first.
GHSA-P3RP-7C36-7FJF
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-08-02 00:00An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.
{
"affected": [],
"aliases": [
"CVE-2021-25444"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-05T20:15:00Z",
"severity": "MODERATE"
},
"details": "An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.",
"id": "GHSA-p3rp-7c36-7fjf",
"modified": "2022-08-02T00:00:33Z",
"published": "2022-05-24T19:10:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25444"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P4CC-W597-6CPM
Vulnerability from github – Published: 2022-08-30 20:38 – Updated: 2022-09-08 14:13In Brief
utils.generateUUID, a helper function available in essentially all versions of NodeBB (as far back as v1.0.1 and potentially earlier) used a cryptographically insecure Pseudo-random number generator (Math.random()), which meant that a specially crafted script combined with multiple invocations of the password reset functionality could enable an attacker to correctly calculate the reset code for an account they do not have access to.
Impact
This vulnerability impacts all installations of NodeBB. The vulnerability allows for an attacker to take over any account without the involvement of the victim, and as such, the remediation should be applied immediately (either via NodeBB upgrade or cherry-pick of the specific changeset. Patches have been provided for both active branches of NodeBB (v2.x and v1.19.x)—please see below.
If you are already on v2.0.0 or v1.19.7, you can upgrade with no ill effects. The new version contains only the patch for this vulnerability.
The impact of this vulnerability is slightly lessened by the requirement that the target's email address must be known, and user emails are protected values in NodeBB. However, since NodeBB can be configured to display email addresses if the admin so wishes, and as email addresses can often by derived from other sources and/or guessed, the impact of this vulnerability is still fairly high.
Patches
v2.x
The vulnerability has been patched in https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888. You can cherry-pick this directly into your codebase.
v1.19.x
The vulnerability has been patched in 81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9. You can cherry-pick this directly into your codebase.
Workarounds
There is no known workaround, but the patch sets listed above will fully patch the vulnerability.
References
For more information
If you have any questions or comments about this advisory: * Discuss it on our community forum * Email us at support@nodebb.org
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "nodebb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "nodebb"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.0.0"
]
}
],
"aliases": [
"CVE-2022-36045"
],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-338"
],
"github_reviewed": true,
"github_reviewed_at": "2022-08-30T20:38:10Z",
"nvd_published_at": "2022-08-31T15:15:00Z",
"severity": "CRITICAL"
},
"details": "### In Brief\n`utils.generateUUID`, a helper function available in essentially all versions of NodeBB (as far back as v1.0.1 and potentially earlier) used a cryptographically insecure Pseudo-random number generator (`Math.random()`), which meant that a specially crafted script combined with multiple invocations of the password reset functionality could enable an attacker to correctly calculate the reset code for an account they do not have access to.\n\n### Impact\nThis vulnerability impacts all installations of NodeBB. The vulnerability allows for an attacker to take over any account without the involvement of the victim, and as such, the remediation should be applied immediately (either via NodeBB upgrade or cherry-pick of the specific changeset. Patches have been provided for both active branches of NodeBB (v2.x and v1.19.x)\u2014please see below.\n\nIf you are already on v2.0.0 or v1.19.7, you can upgrade with no ill effects. The new version contains only the patch for this vulnerability.\n\nThe impact of this vulnerability is slightly lessened by the requirement that the target\u0027s email address must be known, **and** user emails are protected values in NodeBB. However, since NodeBB can be configured to display email addresses if the admin so wishes, and as email addresses can often by derived from other sources and/or guessed, the impact of this vulnerability is still fairly high.\n\n### Patches\n\n#### v2.x\nThe vulnerability has been patched in https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888. You can cherry-pick this directly into your codebase.\n\n#### v1.19.x\nThe vulnerability has been patched in 81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9. You can cherry-pick this directly into your codebase.\n\n### Workarounds\nThere is no known workaround, but the patch sets listed above will fully patch the vulnerability.\n\n### References\n* [CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)](http://cwe.mitre.org/data/definitions/338.html)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Discuss it on [our community forum](community.nodebb.org/)\n* Email us at [support@nodebb.org](mailto:support@nodebb.org)\n",
"id": "GHSA-p4cc-w597-6cpm",
"modified": "2022-09-08T14:13:22Z",
"published": "2022-08-30T20:38:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36045"
},
{
"type": "WEB",
"url": "https://github.com/NodeBB/NodeBB/commit/81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9"
},
{
"type": "WEB",
"url": "https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888"
},
{
"type": "PACKAGE",
"url": "https://github.com/NodeBB/NodeBB"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Cryptographically weak PRNG in `utils.generateUUID`"
}
GHSA-P576-C9V5-5PVC
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided "Nonce Get (0x98 0x81)" frames. The reason for dividing the "Nonce Get" frame is that, in security version S0, when a node receives a "Nonce Get" frame, the node produces a random new nonce and sends it to the Src node of the received "Nonce Get" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when "Nonce Get" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted.
{
"affected": [],
"aliases": [
"CVE-2018-19983"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-09T19:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided \"Nonce Get (0x98 0x81)\" frames. The reason for dividing the \"Nonce Get\" frame is that, in security version S0, when a node receives a \"Nonce Get\" frame, the node produces a random new nonce and sends it to the Src node of the received \"Nonce Get\" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when \"Nonce Get\" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted.",
"id": "GHSA-p576-c9v5-5pvc",
"modified": "2022-05-13T01:50:55Z",
"published": "2022-05-13T01:50:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19983"
},
{
"type": "WEB",
"url": "https://github.com/min1233/CVE/blob/master/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P5F7-RJHP-PXVC
Vulnerability from github – Published: 2026-06-10 00:31 – Updated: 2026-06-10 00:31Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter.
Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.
{
"affected": [],
"aliases": [
"CVE-2026-41701"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-10T00:16:51Z",
"severity": "MODERATE"
},
"details": "Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter.\n\nAffected versions:\nSpring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.",
"id": "GHSA-p5f7-rjhp-pxvc",
"modified": "2026-06-10T00:31:51Z",
"published": "2026-06-10T00:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41701"
},
{
"type": "WEB",
"url": "https://spring.io/security/cve-2026-41701"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P7PR-45Q9-5M9W
Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2023-10-12 21:30An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.
{
"affected": [],
"aliases": [
"CVE-2020-17470"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-11T23:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.",
"id": "GHSA-p7pr-45q9-5m9w",
"modified": "2023-10-12T21:30:55Z",
"published": "2022-05-24T17:36:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17470"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"type": "WEB",
"url": "http://fnet.sourceforge.net/manual/fnet_history.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PFJF-5GXR-995X
Vulnerability from github – Published: 2026-03-01 01:29 – Updated: 2026-06-06 00:22Summary
The _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton).
Details
def _redirect_to_target(request, default_target="/"):
target = request.query_params.get("_target_url", default_target)
return RedirectResponse(target) # No validation
An attacker can craft a URL like https://my-space.hf.space/logout?_target_url=https://evil.com/phishing that redirects the user to an external site after logout. Because the URL originates from a trusted hf.space domain, users are more likely to trust the link.
Impact
Phishing — an attacker can use the trusted domain to redirect users to a malicious site. No direct data exposure or server-side impact.
## Fix The _target_url parameter is now sanitized to only use the path, query, and fragment, stripping any scheme or host.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "gradio"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-28415"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-284",
"CWE-330",
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-01T01:29:12Z",
"nvd_published_at": "2026-02-27T22:16:24Z",
"severity": "MODERATE"
},
"details": "# Summary\n\nThe _redirect_to_target() function in Gradio\u0027s OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton).\n\n## Details\n\n```python\n\n def _redirect_to_target(request, default_target=\"/\"):\n target = request.query_params.get(\"_target_url\", default_target)\n return RedirectResponse(target) # No validation\n```\n An attacker can craft a URL like https://my-space.hf.space/logout?_target_url=https://evil.com/phishing that redirects the user to an external site after logout. Because the URL originates from a trusted hf.space domain, users are more likely to trust the link.\n\n## Impact\n\nPhishing \u2014 an attacker can use the trusted domain to redirect users to a malicious site. No direct data exposure or server-side impact.\n\n ## Fix\nThe _target_url parameter is now sanitized to only use the path, query, and fragment, stripping any scheme or host.",
"id": "GHSA-pfjf-5gxr-995x",
"modified": "2026-06-06T00:22:30Z",
"published": "2026-03-01T01:29:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-pfjf-5gxr-995x"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28415"
},
{
"type": "WEB",
"url": "https://github.com/gradio-app/gradio/commit/dfee0da06d0aa94b3c2684131e7898d5d5c1911e"
},
{
"type": "PACKAGE",
"url": "https://github.com/gradio-app/gradio"
},
{
"type": "WEB",
"url": "https://github.com/gradio-app/gradio/releases/tag/gradio%406.6.0"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/gradio/PYSEC-2026-65.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Gradio has an Open Redirect in its OAuth Flow"
}
GHSA-PGQJ-4VX9-9F56
Vulnerability from github – Published: 2026-02-27 21:31 – Updated: 2026-02-27 21:31SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifier offline and bypass authentication without completing the login flow, gaining unauthorized access to the device.
{
"affected": [],
"aliases": [
"CVE-2026-27755"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-27T19:16:09Z",
"severity": "CRITICAL"
},
"details": "SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifier offline and bypass authentication without completing the login flow, gaining unauthorized access to the device.",
"id": "GHSA-pgqj-4vx9-9f56",
"modified": "2026-02-27T21:31:21Z",
"published": "2026-02-27T21:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27755"
},
{
"type": "WEB",
"url": "https://www.sodola-network.com/products/sodola-6-port-2-5g-easy-web-managed-switch-4-x-2-5g-base-t-ports-2-x-10g-sfp-static-aggregation-qos-vlan-igmp-2-5gb-network-home-lab-switch"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/sodola-sl902-swtgw124as-predictable-session-id"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PH87-72GP-HXWW
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The interception of the one-time pairing process is specifically not required. Due to use of AES-128 with an initial static random value and static data vector (all of this static information is the same across different customers' installations), the attacker can easily derive the utilized encryption key and decrypt the intercepted packet. The key can be verified by decrypting the intercepted packet and checking for known plaintext. Subsequently, an attacker can create arbitrary radio frames with the correct encryption key to control BiSecur garage and entrance gate operators and possibly other BiSecur systems as well ("wireless cloning"). To conduct the attack, a low cost Software Defined Radio (SDR) is sufficient. This affects Hoermann Hand Transmitter HS5-868-BS, HSE1-868-BS, and HSE2-868-BS devices.
{
"affected": [],
"aliases": [
"CVE-2017-17910"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-29T19:29:00Z",
"severity": "MODERATE"
},
"details": "On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The interception of the one-time pairing process is specifically not required. Due to use of AES-128 with an initial static random value and static data vector (all of this static information is the same across different customers\u0027 installations), the attacker can easily derive the utilized encryption key and decrypt the intercepted packet. The key can be verified by decrypting the intercepted packet and checking for known plaintext. Subsequently, an attacker can create arbitrary radio frames with the correct encryption key to control BiSecur garage and entrance gate operators and possibly other BiSecur systems as well (\"wireless cloning\"). To conduct the attack, a low cost Software Defined Radio (SDR) is sufficient. This affects Hoermann Hand Transmitter HS5-868-BS, HSE1-868-BS, and HSE2-868-BS devices.",
"id": "GHSA-ph87-72gp-hxww",
"modified": "2022-05-13T01:44:32Z",
"published": "2022-05-13T01:44:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17910"
},
{
"type": "WEB",
"url": "https://docs.wixstatic.com/ugd/28ba71_6ecc3158975a484d827e935edda4fa17.pdf"
},
{
"type": "WEB",
"url": "https://www.trustworks.at/publications"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PHH4-3HMM-24RX
Vulnerability from github – Published: 2024-10-02 12:30 – Updated: 2025-08-26 19:43Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-mh98-763h-m9v4. This link is maintained to preserve external references.
Original Description
JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/juju/juju"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20241001032836-2af7bd8e310b"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-1391",
"CWE-330",
"CWE-337"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-02T21:55:42Z",
"nvd_published_at": "2024-10-02T11:15:11Z",
"severity": "HIGH"
},
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-mh98-763h-m9v4. This link is maintained to preserve external references.\n\n## Original Description\nJUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.",
"id": "GHSA-phh4-3hmm-24rx",
"modified": "2025-08-26T19:43:23Z",
"published": "2024-10-02T12:30:33Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/juju/juju/security/advisories/GHSA-mh98-763h-m9v4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7558"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7558"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: Juju makes Use of Weak Credentials",
"withdrawn": "2024-10-02T21:55:42Z"
}
GHSA-PM4J-HV98-68CQ
Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2023-02-13 00:31A password generation weakness exists in xquest through 2016-06-13.
{
"affected": [],
"aliases": [
"CVE-2016-4980"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-27T16:15:00Z",
"severity": "LOW"
},
"details": "A password generation weakness exists in xquest through 2016-06-13.",
"id": "GHSA-pm4j-hv98-68cq",
"modified": "2023-02-13T00:31:09Z",
"published": "2022-05-24T17:02:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4980"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2016-4980"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346016"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation MIT-2
Strategy: Libraries or Frameworks
Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.