Common Weakness Enumeration

CWE-330

Discouraged

Use of Insufficiently Random Values

Abstraction: Class · Status: Stable

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

445 vulnerabilities reference this CWE, most recent first.

GHSA-76PH-2HXX-GXWJ

Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2025-04-12 12:50
VLAI
Details

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-3963"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-08-04T01:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.",
  "id": "GHSA-76ph-2hxx-gxwj",
  "modified": "2025-04-12T12:50:29Z",
  "published": "2022-05-13T01:07:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3963"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20160324-0001"
    },
    {
      "type": "WEB",
      "url": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/75302"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032730"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1033181"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7FHM-GX9F-8C93

Vulnerability from github – Published: 2024-04-30 09:30 – Updated: 2024-04-30 09:30
VLAI
Details

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification, and if both the "Login the user automatically after the account is verified" and "Verify account for current users" options are checked, then it potentially makes it possible for attackers to bypass authentication for other users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-4185"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-30T09:15:07Z",
    "severity": "HIGH"
  },
  "details": "The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification, and if both the \"Login the user automatically after the account is verified\" and \"Verify account for current users\" options are checked, then it potentially makes it possible for attackers to bypass authentication for other users.",
  "id": "GHSA-7fhm-gx9f-8c93",
  "modified": "2024-04-30T09:30:46Z",
  "published": "2024-04-30T09:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4185"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/emails-verification-for-woocommerce/tags/2.7.4/includes/alg-wc-ev-functions.php#L299"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/emails-verification-for-woocommerce/tags/2.7.4/includes/class-alg-wc-ev-core.php#L731"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3078804/emails-verification-for-woocommerce#file2"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ebae4b18-5b5f-45c3-86e2-02eefd7abdb7?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7QVR-F99M-RPCH

Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2024-04-04 01:00
VLAI
Details

The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token's total supply, which lets the owner of the contract issue an arbitrary amount of currency. (Increasing the total supply by using 'doAirdrop' ignores the hard cap written in the contract and devalues the token.)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-18425"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-06-19T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token\u0027s total supply, which lets the owner of the contract issue an arbitrary amount of currency. (Increasing the total supply by using \u0027doAirdrop\u0027 ignores the hard cap written in the contract and devalues the token.)",
  "id": "GHSA-7qvr-f99m-rpch",
  "modified": "2024-04-04T01:00:33Z",
  "published": "2022-05-24T16:48:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18425"
    },
    {
      "type": "WEB",
      "url": "https://etherscan.io/address/0x21a8a03b34e053f9b1d4545213d9d1d411a9d449#code"
    },
    {
      "type": "WEB",
      "url": "https://www.jianshu.com/p/09f238e9e568"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7RG4-266C-JQW6

Vulnerability from github – Published: 2021-06-08 20:12 – Updated: 2022-06-29 20:41
VLAI
Summary
Predictable CSRF tokens in centreon/centreon
Details

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "centreon/centreon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.10.0"
            },
            {
              "fixed": "20.10.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "centreon/centreon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "20.04.0"
            },
            {
              "fixed": "20.04.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "centreon/centreon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "19.10.0"
            },
            {
              "fixed": "19.10.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "centreon/centreon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.37"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-28055"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-07T15:18:01Z",
    "nvd_published_at": "2021-04-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.",
  "id": "GHSA-7rg4-266c-jqw6",
  "modified": "2022-06-29T20:41:29Z",
  "published": "2021-06-08T20:12:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28055"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon/pull/9612"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon/commit/0261d4b250135eb513fdb7d52ba6fdeb19c6863f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon/commit/626d3fb91cef402df0ebda5a8165d8f45da67c7a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/centreon/centreon"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon/releases/tag/19.10.23"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon/releases/tag/2.8.37"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Predictable CSRF tokens in centreon/centreon"
}

GHSA-7RR3-3WCQ-VXFF

Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29
VLAI
Details

In PicoTCP 1.7.0, TCP ISNs are improperly random.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-10T17:15:10Z",
    "severity": "CRITICAL"
  },
  "details": "In PicoTCP 1.7.0, TCP ISNs are improperly random.",
  "id": "GHSA-7rr3-3wcq-vxff",
  "modified": "2024-04-04T08:29:46Z",
  "published": "2023-10-10T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27635"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7X3Q-VM79-8FCC

Vulnerability from github – Published: 2022-05-02 03:13 – Updated: 2024-02-14 18:30
VLAI
Details

The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-0255"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-01-22T23:30:00Z",
    "severity": "MODERATE"
  },
  "details": "The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.",
  "id": "GHSA-7x3q-vm79-8fcc",
  "modified": "2024-02-14T18:30:24Z",
  "published": "2022-05-02T03:13:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0255"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48132"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33617"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33679"
    },
    {
      "type": "WEB",
      "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1711"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33376"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-84C3-J8R2-MCM8

Vulnerability from github – Published: 2024-02-26 20:10 – Updated: 2024-02-26 20:10
VLAI
Summary
@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys
Details

Problem

User sessions in the @nfid/embed SDK with Ed25519 keys are vulnerable due to a compromised private key 535yc-uxytb-gfk7h-tny7p-vjkoe-i4krp-3qmcl-uqfgr-cpgej-yqtjq-rqe. This exposes users to potential loss of funds on ledgers and unauthorized access to canisters they control.

Solution

Using version >1.0.1 of @dfinity/auth-client and @dfinity/identity packages, or @nfid/embed >0.10.1-alpha.6 includes patched versions of the issue.

User sessions will be automatically fixed when they re-authenticate.

Why this happened

The DFINITY auth client library provides a function, Ed25519KeyIdentity.generate, for generating an Ed25519 key pair. This function includes an optional parameter to supply a 32-byte seed value, which will be utilized as the secret key. In cases where no seed value is provided, the library is expected to generate the secret key using secure randomness. However, a recent update of DFINITY libraries has compromised this assurance by employing an insecure seed for key pair generation.

References

AgentJS CVE

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@nfid/embed"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.10.0"
            },
            {
              "fixed": "0.10.1-alpha.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-321",
      "CWE-330"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-26T20:10:10Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "### Problem\nUser sessions in the @nfid/embed SDK with Ed25519 keys are vulnerable due to a compromised private key `535yc-uxytb-gfk7h-tny7p-vjkoe-i4krp-3qmcl-uqfgr-cpgej-yqtjq-rqe`. This exposes users to potential loss of funds on ledgers and unauthorized access to canisters they control.\n\n### Solution\nUsing version \u003e1.0.1 of @dfinity/auth-client and @dfinity/identity packages, or @nfid/embed \u003e0.10.1-alpha.6 includes patched versions of the issue.\n\nUser sessions will be automatically fixed when they re-authenticate.\n\n### Why this happened\nThe DFINITY auth client library provides a function, `Ed25519KeyIdentity.generate`, for generating an Ed25519 key pair. This function includes an optional parameter to supply a 32-byte seed value, which will be utilized as the secret key. In cases where no seed value is provided, the library is expected to generate the secret key using secure randomness. However, a recent update of DFINITY libraries has compromised this assurance by employing an insecure seed for key pair generation.\n\n### References\n[AgentJS CVE ](https://github.com/dfinity/agent-js/security/advisories/GHSA-c9vv-fhgv-cjc3)\n",
  "id": "GHSA-84c3-j8r2-mcm8",
  "modified": "2024-02-26T20:10:10Z",
  "published": "2024-02-26T20:10:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/dfinity/agent-js/security/advisories/GHSA-c9vv-fhgv-cjc3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/internet-identity-labs/sdk-ts/security/advisories/GHSA-84c3-j8r2-mcm8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/internet-identity-labs/sdk-ts"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys"
}

GHSA-86XH-GM7C-MPG4

Vulnerability from github – Published: 2026-01-06 06:31 – Updated: 2026-01-06 06:31
VLAI
Details

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-11723"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-06T04:15:52Z",
    "severity": "MODERATE"
  },
  "details": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications.",
  "id": "GHSA-86xh-gm7c-mpg4",
  "modified": "2026-01-06T06:31:26Z",
  "published": "2026-01-06T06:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11723"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3393919"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5f3fbd2-6152-4a89-8fe9-982120d1a640?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-87M6-HV55-49CW

Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21
VLAI
Details

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-0007"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-15T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.",
  "id": "GHSA-87m6-hv55-49cw",
  "modified": "2022-05-13T01:21:09Z",
  "published": "2022-05-13T01:21:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0007"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10903"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106564"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8839-62PG-36Q3

Vulnerability from github – Published: 2022-05-24 17:21 – Updated: 2022-05-24 17:21
VLAI
Details

The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot's database.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-10274"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-24T05:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related flaws). This flaw in combination with CVE-2020-10273 allows any attacker connected to the robot networks (wired or wireless) to exfiltrate all stored data (e.g. indoor mapping images) and associated metadata from the robot\u0027s database.",
  "id": "GHSA-8839-62pg-36q3",
  "modified": "2022-05-24T17:21:31Z",
  "published": "2022-05-24T17:21:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10274"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aliasrobotics/RVD/issues/2556"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Architecture and Design
  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Implementation

Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.

Mitigation MIT-2
Architecture and Design Requirements

Strategy: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-485: Signature Spoofing by Key Recreation

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.