CWE-331
AllowedInsufficient Entropy
Abstraction: Base · Status: Draft
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
207 vulnerabilities reference this CWE, most recent first.
GHSA-H385-CWMV-VJ9F
Vulnerability from github – Published: 2026-02-15 12:30 – Updated: 2026-02-15 12:30The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle.
{
"affected": [],
"aliases": [
"CVE-2026-2541"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-15T11:15:55Z",
"severity": "MODERATE"
},
"details": "The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle.",
"id": "GHSA-h385-cwmv-vj9f",
"modified": "2026-02-15T12:30:25Z",
"published": "2026-02-15T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2541"
},
{
"type": "WEB",
"url": "https://asrg.io/security-advisories/cve-2026-2541"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:H/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H572-23QR-5763
Vulnerability from github – Published: 2022-01-29 00:00 – Updated: 2022-02-04 00:00A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. Affected Product: Schneider Electric Software Update, V2.3.0 through V2.5.1
{
"affected": [],
"aliases": [
"CVE-2021-22799"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-28T20:15:00Z",
"severity": "LOW"
},
"details": "A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. Affected Product: Schneider Electric Software Update, V2.3.0 through V2.5.1",
"id": "GHSA-h572-23qr-5763",
"modified": "2022-02-04T00:00:45Z",
"published": "2022-01-29T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22799"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-H5P7-CPC2-2J2R
Vulnerability from github – Published: 2022-05-24 17:09 – Updated: 2022-05-24 17:09hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
{
"affected": [],
"aliases": [
"CVE-2019-10064"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-28T15:15:00Z",
"severity": "MODERATE"
},
"details": "hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.",
"id": "GHSA-h5p7-cpc2-2j2r",
"modified": "2022-05-24T17:09:53Z",
"published": "2022-05-24T17:09:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10064"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"type": "WEB",
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-H5R5-2H4M-2RX5
Vulnerability from github – Published: 2026-07-14 18:31 – Updated: 2026-07-14 18:31A vulnerability in Sonatype Nexus Repository Manager's format-specific API key generation may allow a remote attacker to gain unauthorized access to repository operations as a targeted user. A format-specific API key realm (NuGet API Key, Docker Bearer Token, or npm Bearer Token) must be enabled and the targeted user must have an active API key for this vulnerability to be exploitable.
{
"affected": [],
"aliases": [
"CVE-2026-11403"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T16:16:44Z",
"severity": "HIGH"
},
"details": "A vulnerability in Sonatype Nexus Repository Manager\u0027s format-specific API key generation may allow a remote attacker to gain unauthorized access to repository operations as a targeted user. A format-specific API key realm (NuGet API Key, Docker Bearer Token, or npm Bearer Token) must be enabled and the targeted user must have an active API key for this vulnerability to be exploitable.",
"id": "GHSA-h5r5-2h4m-2rx5",
"modified": "2026-07-14T18:31:54Z",
"published": "2026-07-14T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11403"
},
{
"type": "WEB",
"url": "https://help.sonatype.com/en/sonatype-nexus-repository-3-93-0-release-notes.html"
},
{
"type": "WEB",
"url": "https://support.sonatype.com/hc/en-us/articles/52347011450515"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H97C-QP24-439V
Vulnerability from github – Published: 2024-05-15 22:27 – Updated: 2024-05-15 22:27laravel/socialite versions prior to 2.0.9 are found to have an insecure state generation mechanism, potentially exposing the OAuth authentication process to security risks. The issue has been addressed in version 2.0.9 by ensuring that the state is generated using a truly random approach, enhancing the security of the OAuth flow.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "laravel/socialite"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0"
},
{
"fixed": "2.0.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-15T22:27:23Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "laravel/socialite versions prior to 2.0.9 are found to have an insecure state generation mechanism, potentially exposing the OAuth authentication process to security risks. The issue has been addressed in version 2.0.9 by ensuring that the state is generated using a truly random approach, enhancing the security of the OAuth flow.\n\n",
"id": "GHSA-h97c-qp24-439v",
"modified": "2024-05-15T22:27:23Z",
"published": "2024-05-15T22:27:23Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/laravel/socialite/pull/91"
},
{
"type": "WEB",
"url": "https://github.com/laravel/socialite/commit/2ef13bae1484c44ede68e05486bce76cc0fa8dd8"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/laravel/socialite/2015-07-23.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/laravel/socialite"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Insecure State Generation in laravel/socialite"
}
GHSA-HC4J-7MQG-CXJJ
Vulnerability from github – Published: 2022-11-16 12:00 – Updated: 2023-07-07 21:05A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "phpservermon/phpservermon"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-4241"
],
"database_specific": {
"cwe_ids": [
"CWE-1241",
"CWE-330",
"CWE-331"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-07T21:05:46Z",
"nvd_published_at": "2022-11-15T23:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function `setUserLoggedIn` of the file `src/psm/Service/User.php`. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744.",
"id": "GHSA-hc4j-7mqg-cxjj",
"modified": "2023-07-07T21:05:46Z",
"published": "2022-11-16T12:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4241"
},
{
"type": "WEB",
"url": "https://github.com/phpservermon/phpservermon/commit/bb10a5f3c68527c58073258cb12446782d223bc3"
},
{
"type": "PACKAGE",
"url": "https://github.com/phpservermon/phpservermon"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/1-phpservermon/phpservermon"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.213744"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "PHPServerMon PRNG has Insufficient Entropy"
}
GHSA-HG7G-GHRW-94PC
Vulnerability from github – Published: 2024-02-13 03:30 – Updated: 2024-10-16 21:31SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction request. This vulnerability can allow attackers to cause a Denial of Service (DoS) by using the predicted transaction ID's to terminate other transactions.
{
"affected": [],
"aliases": [
"CVE-2024-25407"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-13T01:15:08Z",
"severity": "HIGH"
},
"details": "SteVe v3.6.0 was discovered to use predictable transaction ID\u0027s when receiving a StartTransaction request. This vulnerability can allow attackers to cause a Denial of Service (DoS) by using the predicted transaction ID\u0027s to terminate other transactions.",
"id": "GHSA-hg7g-ghrw-94pc",
"modified": "2024-10-16T21:31:05Z",
"published": "2024-02-13T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25407"
},
{
"type": "WEB",
"url": "https://github.com/steve-community/steve/issues/1296"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HW6Q-C5XP-MH35
Vulnerability from github – Published: 2022-05-14 03:16 – Updated: 2022-05-14 03:16SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token's value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user's session.
{
"affected": [],
"aliases": [
"CVE-2018-10240"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-16T14:29:00Z",
"severity": "HIGH"
},
"details": "SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. This session token\u0027s value can be brute-forced by an attacker to obtain the corresponding session cookie and hijack the user\u0027s session.",
"id": "GHSA-hw6q-c5xp-mh35",
"modified": "2022-05-14T03:16:44Z",
"published": "2022-05-14T03:16:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10240"
},
{
"type": "WEB",
"url": "https://www.bishopfox.com/news/2018/05/solarwinds-serv-u-managed-file-transfer-insufficient-session-id-entropy"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HX6M-XFX3-6P5X
Vulnerability from github – Published: 2025-04-07 15:31 – Updated: 2025-04-07 21:32Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
{
"affected": [],
"aliases": [
"CVE-2024-58036"
],
"database_specific": {
"cwe_ids": [
"CWE-331",
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-05T16:15:33Z",
"severity": "MODERATE"
},
"details": "Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically Net::Dropbox::API uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function.",
"id": "GHSA-hx6m-xfx3-6p5x",
"modified": "2025-04-07T21:32:07Z",
"published": "2025-04-07T15:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58036"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L11"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L385"
},
{
"type": "WEB",
"url": "https://perldoc.perl.org/functions/rand"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-JFC5-J6CJ-CJ2X
Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2022-05-24 17:22The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. There is no mechanism in place to mitigate or lockout automated attempts to gain access.
{
"affected": [],
"aliases": [
"CVE-2020-10285"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-07-15T21:15:00Z",
"severity": "HIGH"
},
"details": "The authentication implementation on the xArm controller has very low entropy, making it vulnerable to a brute-force attack. There is no mechanism in place to mitigate or lockout automated attempts to gain access.",
"id": "GHSA-jfc5-j6cj-cj2x",
"modified": "2022-05-24T17:22:56Z",
"published": "2022-05-24T17:22:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10285"
},
{
"type": "WEB",
"url": "https://github.com/aliasrobotics/RVD/issues/3322"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Determine the necessary entropy to adequately provide for randomness and predictability. This can be achieved by increasing the number of bits of objects such as keys and seeds.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.