Common Weakness Enumeration

CWE-331

Allowed

Insufficient Entropy

Abstraction: Base · Status: Draft

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

207 vulnerabilities reference this CWE, most recent first.

GHSA-9HC7-6W9R-WJ94

Vulnerability from github – Published: 2024-06-04 18:40 – Updated: 2024-06-17 15:09
VLAI
Summary
Unable to generate the correct character set
Details

Reduced entropy due to inadequate character set usage

Description

Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nano_id::base62 and nano_id::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62 symbols, and the base58 function used a character set of 16 symbols instead of the intended 58 symbols. Additionally, the nano_id::gen macro is also affected when a custom character set that is not a power of 2 in size is specified.

It should be noted that nano_id::base64 is not affected by this vulnerability.

Impact

This can result in a significant reduction in entropy, making the generated IDs predictable and vulnerable to brute-force attacks when the IDs are used in security-sensitive contexts such as session tokens or unique identifiers.

Patches

The flaws were corrected in commit a9022772b2f1ce38929b5b81eccc670ac9d3ab23 by updating the the nano_id::gen macro to use all specified characters correctly.

PoC

use std::collections::BTreeSet;

fn main() {
    test_base58();
    test_base62();
}

fn test_base58() {
    let mut produced_symbols = BTreeSet::new();

    for _ in 0..100_000 {
        let id = nano_id::base58::<10>();
        for c in id.chars() {
            produced_symbols.insert(c);
        }
    }

    println!(
        "{} symbols generated from nano_id::base58",
        produced_symbols.len()
    );
}

fn test_base62() {
    let mut produced_symbols = BTreeSet::new();

    for _ in 0..100_000 {
        let id = nano_id::base62::<10>();
        for c in id.chars() {
            produced_symbols.insert(c);
        }
    }

    println!(
        "{} symbols generated from nano_id::base62",
        produced_symbols.len()
    );
}
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "nano-id"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-36400"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-04T18:40:34Z",
    "nvd_published_at": "2024-06-04T15:15:46Z",
    "severity": "CRITICAL"
  },
  "details": "# Reduced entropy due to inadequate character set usage\n\n## Description\n\nAffected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the `nano_id::base62` and `nano_id::base58` functions. Specifically, the `base62` function used a character set of 32 symbols instead of the intended 62 symbols, and the `base58` function used a character set of 16 symbols instead of the intended 58 symbols. Additionally, the `nano_id::gen` macro is also affected when a custom character set that is not a power of 2 in size is specified.\n\nIt should be noted that `nano_id::base64` is not affected by this vulnerability.\n\n## Impact\n\nThis can result in a significant reduction in entropy, making the generated IDs predictable and vulnerable to brute-force attacks when the IDs are used in security-sensitive contexts such as session tokens or unique identifiers.\n\n## Patches\n\nThe flaws were corrected in commit [a9022772b2f1ce38929b5b81eccc670ac9d3ab23](https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23) by updating the the `nano_id::gen` macro to use all specified characters correctly.\n\n## PoC\n\n```rust\nuse std::collections::BTreeSet;\n\nfn main() {\n    test_base58();\n    test_base62();\n}\n\nfn test_base58() {\n    let mut produced_symbols = BTreeSet::new();\n\n    for _ in 0..100_000 {\n        let id = nano_id::base58::\u003c10\u003e();\n        for c in id.chars() {\n            produced_symbols.insert(c);\n        }\n    }\n\n    println!(\n        \"{} symbols generated from nano_id::base58\",\n        produced_symbols.len()\n    );\n}\n\nfn test_base62() {\n    let mut produced_symbols = BTreeSet::new();\n\n    for _ in 0..100_000 {\n        let id = nano_id::base62::\u003c10\u003e();\n        for c in id.chars() {\n            produced_symbols.insert(c);\n        }\n    }\n\n    println!(\n        \"{} symbols generated from nano_id::base62\",\n        produced_symbols.len()\n    );\n}\n```",
  "id": "GHSA-9hc7-6w9r-wj94",
  "modified": "2024-06-17T15:09:50Z",
  "published": "2024-06-04T18:40:34Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36400"
    },
    {
      "type": "WEB",
      "url": "https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/viz-rs/nano-id"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2024-0343.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Unable to generate the correct character set"
}

GHSA-9QM9-MGQ3-X66P

Vulnerability from github – Published: 2022-07-12 00:00 – Updated: 2022-07-19 00:00
VLAI
Details

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-29505"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-11T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,\nversions before 4.5.2, contain a Key Management Error Vulnerability.",
  "id": "GHSA-9qm9-mgq3-x66p",
  "modified": "2022-07-19T00:00:25Z",
  "published": "2022-07-12T00:00:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29505"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9X23-XCRX-FQ3Q

Vulnerability from github – Published: 2025-03-26 12:30 – Updated: 2025-03-26 21:31
VLAI
Details

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.

This vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm.

This issue affects DBIx::Class::EncodedColumn until 0.00032.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27552"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331",
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-26T11:15:39Z",
    "severity": "MODERATE"
  },
  "details": "DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.\n\nThis vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm.\n\nThis issue affects DBIx::Class::EncodedColumn until 0.00032.",
  "id": "GHSA-9x23-xcrx-fq3q",
  "modified": "2025-03-26T21:31:06Z",
  "published": "2025-03-26T12:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27552"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CH9C-F347-CQVW

Vulnerability from github – Published: 2022-05-01 23:46 – Updated: 2024-02-15 03:30
VLAI
Details

The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-2108"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-07T21:20:00Z",
    "severity": "HIGH"
  },
  "details": "The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.",
  "id": "GHSA-ch9c-f347-cqvw",
  "modified": "2024-02-15T03:30:18Z",
  "published": "2022-05-01T23:46:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2108"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42226"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10844"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30757"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30828"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31119"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31124"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31200"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32746"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35003"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3859"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1789"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:128"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:129"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:130"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0544.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0545.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0582.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/491683/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.sektioneins.de/advisories/SE-2008-02.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-628-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CHG9-3C3P-CH23

Vulnerability from github – Published: 2022-05-13 01:30 – Updated: 2024-09-30 16:13
VLAI
Summary
Lemur uses static IV per key
Details

Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "lemur"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2015-7764"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-29T14:49:35Z",
    "nvd_published_at": "2017-08-09T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode.",
  "id": "GHSA-chg9-3c3p-ch23",
  "modified": "2024-09-30T16:13:21Z",
  "published": "2022-05-13T01:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7764"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/lemur/issues/117"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kvesteri/sqlalchemy-utils/issues/166"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Netflix/lemur/commit/394e18f76e5eb534d95160945ebc231ec3b4c794"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Netflix/lemur"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/lemur/PYSEC-2017-50.yaml"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/10/20/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Lemur uses static IV per key"
}

GHSA-CHWC-9RJV-X7MH

Vulnerability from github – Published: 2024-04-30 21:30 – Updated: 2024-07-03 21:39
VLAI
Details

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3411"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-30T19:15:23Z",
    "severity": "CRITICAL"
  },
  "details": "Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device.",
  "id": "GHSA-chwc-9rjv-x7mh",
  "modified": "2024-07-03T21:39:43Z",
  "published": "2024-04-30T21:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3411"
    },
    {
      "type": "WEB",
      "url": "https://kb.cert.org/vuls/id/163057"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/163057"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQJ4-PH2F-7Q79

Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2022-05-13 01:38
VLAI
Details

ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-0897"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-22T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "ExpressionEngine version 2.x \u003c 2.11.8 and version 3.x \u003c 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.",
  "id": "GHSA-cqj4-ph2f-7q79",
  "modified": "2022-05-13T01:38:26Z",
  "published": "2022-05-13T01:38:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-0897"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/215890"
    },
    {
      "type": "WEB",
      "url": "https://docs.expressionengine.com/latest/about/changelog.html#version-3-5-5"
    },
    {
      "type": "WEB",
      "url": "https://docs.expressionengine.com/v2/about/changelog.html#version-2-11-8"
    },
    {
      "type": "WEB",
      "url": "https://expressionengine.com/blog/expressionengine-3.5.5-and-2.11.8-released"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99242"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQPC-C229-H8HR

Vulnerability from github – Published: 2022-09-21 00:00 – Updated: 2022-09-23 00:00
VLAI
Details

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-34746"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-20T02:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface.",
  "id": "GHSA-cqpc-c229-h8hr",
  "modified": "2022-09-23T00:00:45Z",
  "published": "2022-09-21T00:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34746"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-of-gs1900-series-switches"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CR9C-949P-JXVR

Vulnerability from github – Published: 2024-10-03 18:30 – Updated: 2024-10-29 15:31
VLAI
Details

Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol WPA2-PSK.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-37822"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-03T18:15:04Z",
    "severity": "HIGH"
  },
  "details": "Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol WPA2-PSK.",
  "id": "GHSA-cr9c-949p-jxvr",
  "modified": "2024-10-29T15:31:59Z",
  "published": "2024-10-03T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37822"
    },
    {
      "type": "WEB",
      "url": "https://www.usenix.org/conference/woot24/presentation/goeman"
    },
    {
      "type": "WEB",
      "url": "https://www.usenix.org/system/files/woot24-goeman.pdf"
    },
    {
      "type": "WEB",
      "url": "http://anker.com"
    },
    {
      "type": "WEB",
      "url": "http://eufy.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CV48-2FRC-94W5

Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08
VLAI
Details

A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to gain unauthorized access to the charging station web server

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22727"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-21T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to gain unauthorized access to the charging station web server",
  "id": "GHSA-cv48-2frc-94w5",
  "modified": "2022-05-24T19:08:48Z",
  "published": "2022-05-24T19:08:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22727"
    },
    {
      "type": "WEB",
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Implementation

Determine the necessary entropy to adequately provide for randomness and predictability. This can be achieved by increasing the number of bits of objects such as keys and seeds.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.