CWE-338
AllowedUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Abstraction: Base · Status: Draft
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
295 vulnerabilities reference this CWE, most recent first.
GHSA-44R7-7P62-Q3FR
Vulnerability from github – Published: 2021-05-18 21:09 – Updated: 2023-08-29 22:33The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/miekg/dns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.25"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-19794"
],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-338"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-18T20:42:52Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.",
"id": "GHSA-44r7-7p62-q3fr",
"modified": "2023-08-29T22:33:25Z",
"published": "2021-05-18T21:09:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19794"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/issues/3519"
},
{
"type": "WEB",
"url": "https://github.com/coredns/coredns/issues/3547"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/issues/1037"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/issues/1043"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/pull/1044"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33"
},
{
"type": "WEB",
"url": "https://github.com/miekg/dns/compare/v1.1.24...v1.1.25"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2020-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "miekg/dns insecurely generates random numbers"
}
GHSA-462C-H7QR-CXM6
Vulnerability from github – Published: 2026-05-11 09:30 – Updated: 2026-05-11 18:31WebDyne::Session versions through 2.075 for Perl generates the session id insecurely.
The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch time and the reference address of the object, but this information will have no effect on the overall quality of the seed of the message digest.
The rand function is seeded by 32-bits and is predictable. It is considered unsuitable for cryptographic purposes.
Predictable session ids could allow an attacker to gain access to systems.
Note that WebDyne::Session versions 1.042 and earlier appear to be in separate distributions from WebDyne.
{
"affected": [],
"aliases": [
"CVE-2026-5084"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-11T08:16:16Z",
"severity": "MODERATE"
},
"details": "WebDyne::Session versions through 2.075 for Perl generates the session id insecurely.\n\nThe session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch time and the reference address of the object, but this information will have no effect on the overall quality of the seed of the message digest.\n\nThe rand function is seeded by 32-bits and is predictable. It is considered unsuitable for cryptographic purposes.\n\nPredictable session ids could allow an attacker to gain access to systems.\n\nNote that WebDyne::Session versions 1.042 and earlier appear to be in separate distributions from WebDyne.",
"id": "GHSA-462c-h7qr-cxm6",
"modified": "2026-05-11T18:31:43Z",
"published": "2026-05-11T09:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5084"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/ASPEER/WebDyne-2.075/source/lib/WebDyne/Session.pm#L120"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"type": "WEB",
"url": "https://webdyne.org"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/11/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-46F3-RC2X-P4JV
Vulnerability from github – Published: 2025-03-26 12:30 – Updated: 2025-03-26 21:31DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.
This vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm.
This issue affects DBIx::Class::EncodedColumn until 0.00032.
{
"affected": [],
"aliases": [
"CVE-2025-27551"
],
"database_specific": {
"cwe_ids": [
"CWE-331",
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-26T11:15:38Z",
"severity": "MODERATE"
},
"details": "DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.\n\nThis vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm.\n\nThis issue affects DBIx::Class::EncodedColumn until 0.00032.",
"id": "GHSA-46f3-rc2x-p4jv",
"modified": "2025-03-26T21:31:06Z",
"published": "2025-03-26T12:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27551"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-496Q-8PH2-C4FJ
Vulnerability from github – Published: 2025-07-16 15:32 – Updated: 2025-11-05 00:31Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.
The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
According to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.
{
"affected": [],
"aliases": [
"CVE-2025-40918"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-16T14:15:25Z",
"severity": "MODERATE"
},
"details": "Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.\n\nThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nAccording to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation\n depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.",
"id": "GHSA-496q-8ph2-c4fj",
"modified": "2025-11-05T00:31:21Z",
"published": "2025-07-16T15:32:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40918"
},
{
"type": "WEB",
"url": "https://github.com/gbarr/perl-authen-sasl/pull/22"
},
{
"type": "WEB",
"url": "https://datatracker.ietf.org/doc/html/rfc2831"
},
{
"type": "WEB",
"url": "https://metacpan.org/dist/Authen-SASL/source/lib/Authen/SASL/Perl/DIGEST_MD5.pm#L263"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/EHUELS/Authen-SASL-2.1900/changes"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/patches/A/Authen-SASL/2.1800/CVE-2025-40918-r1.patch"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/07/16/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4C72-MRHF-23CG
Vulnerability from github – Published: 2022-05-14 02:52 – Updated: 2023-08-15 22:11Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.syncope:syncope"
},
"ranges": [
{
"events": [
{
"introduced": "1.1.0"
},
{
"fixed": "1.1.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-3503"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-15T22:11:49Z",
"nvd_published_at": "2014-07-11T14:55:00Z",
"severity": "MODERATE"
},
"details": "Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.",
"id": "GHSA-4c72-mrhf-23cg",
"modified": "2023-08-15T22:11:49Z",
"published": "2022-05-14T02:52:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3503"
},
{
"type": "WEB",
"url": "https://github.com/apache/syncope/commit/8e0045925a387ee211832c7e0709dd418cda1ad3"
},
{
"type": "WEB",
"url": "https://syncope.apache.org/security.html#cve-2014-3503-insecure-random-implementations-used-to-generate-p"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20140728093808/http://www.securityfocus.com/bid/68431"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20201207014021/http://www.securityfocus.com/archive/1/532669/100/0/threaded"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/127375/Apache-Syncope-Insecure-Password-Generation.html"
},
{
"type": "WEB",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1596537"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Apache Syncope uses a weak PNRG"
}
GHSA-4G94-JFQP-P4F7
Vulnerability from github – Published: 2026-04-13 09:31 – Updated: 2026-04-13 18:30Solstice::Session versions through 1440 for Perl generates session ids insecurely.
The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id.
The same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution.
The epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers.
Predictable session ids could allow an attacker to gain access to systems.
{
"affected": [],
"aliases": [
"CVE-2026-5085"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-13T07:16:50Z",
"severity": "CRITICAL"
},
"details": "Solstice::Session versions through 1440 for Perl generates session ids insecurely.\n\nThe _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id.\n\nThe same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution.\n\nThe epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers.\n\nPredictable session ids could allow an attacker to gain access to systems.",
"id": "GHSA-4g94-jfqp-p4f7",
"modified": "2026-04-13T18:30:39Z",
"published": "2026-04-13T09:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5085"
},
{
"type": "WEB",
"url": "https://metacpan.org/dist/Solstice/source/lib/Solstice/Session.pm#L481"
},
{
"type": "WEB",
"url": "https://metacpan.org/dist/Solstice/source/lib/Solstice/Subsession.pm#L105"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/04/13/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4XRG-5554-QFFR
Vulnerability from github – Published: 2022-05-01 23:28 – Updated: 2025-04-09 03:54OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
{
"affected": [],
"aliases": [
"CVE-2008-0166"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-05-13T17:20:00Z",
"severity": "HIGH"
},
"details": "OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.",
"id": "GHSA-4xrg-5554-qffr",
"modified": "2025-04-09T03:54:26Z",
"published": "2022-05-01T23:28:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0166"
},
{
"type": "WEB",
"url": "https://16years.secvuln.info"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42375"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=40333169"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/5622"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/5632"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/5720"
},
{
"type": "WEB",
"url": "http://metasploit.com/users/hdm/tools/debian-openssl"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30136"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30220"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30221"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30231"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30239"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/30249"
},
{
"type": "WEB",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=48367252.7070603%40shemesh.biz\u0026forum_name=rsyncrypto-devel"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1571"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1576"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/925211"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/492112/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/29179"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020017"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-612-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-612-2"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-612-3"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-612-4"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-612-7"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-137A.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-54MG-VGRP-MWX9
Vulnerability from github – Published: 2019-05-14 04:01 – Updated: 2021-08-04 15:01Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "io.ratpack:ratpack-session"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.ratpack:ratpack-java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.ratpack:ratpack-groovy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-11808"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": true,
"github_reviewed_at": "2019-05-14T03:48:09Z",
"nvd_published_at": "2019-05-07T07:29:00Z",
"severity": "LOW"
},
"details": "Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK\u0027s ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.",
"id": "GHSA-54mg-vgrp-mwx9",
"modified": "2021-08-04T15:01:30Z",
"published": "2019-05-14T04:01:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11808"
},
{
"type": "WEB",
"url": "https://github.com/ratpack/ratpack/issues/1448"
},
{
"type": "WEB",
"url": "https://github.com/ratpack/ratpack/commit/f2b63eb82dd71194319fd3945f5edf29b8f3a42d"
},
{
"type": "WEB",
"url": "https://github.com/ratpack/ratpack/releases/tag/v1.6.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack"
}
GHSA-56QJ-X9H6-9389
Vulnerability from github – Published: 2023-10-19 21:30 – Updated: 2024-04-04 08:48An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.
{
"affected": [],
"aliases": [
"CVE-2023-27791"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-19T20:15:08Z",
"severity": "HIGH"
},
"details": "An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.",
"id": "GHSA-56qj-x9h6-9389",
"modified": "2024-04-04T08:48:57Z",
"published": "2023-10-19T21:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27791"
},
{
"type": "WEB",
"url": "https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-59J9-QV68-3XX5
Vulnerability from github – Published: 2022-04-23 00:40 – Updated: 2024-04-03 23:49A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."
{
"affected": [],
"aliases": [
"CVE-2012-6124"
],
"database_specific": {
"cwe_ids": [
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-31T21:15:00Z",
"severity": "MODERATE"
},
"details": "A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states \"This function wasn\u0027t used for security purposes (and is advertised as being unsuitable).\"",
"id": "GHSA-59j9-qv68-3xx5",
"modified": "2024-04-03T23:49:22Z",
"published": "2022-04-23T00:40:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6124"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2012-6124"
},
{
"type": "WEB",
"url": "https://lists.nongnu.org/archive/html/chicken-hackers/2012-02/msg00084.html"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6124"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2013/02/08/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.
No CAPEC attack patterns related to this CWE.