CWE-330
DiscouragedUse of Insufficiently Random Values
Abstraction: Class · Status: Stable
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
445 vulnerabilities reference this CWE, most recent first.
GHSA-4Q2F-J497-JMQF
Vulnerability from github – Published: 2022-04-01 00:00 – Updated: 2022-04-06 00:01Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.
{
"affected": [],
"aliases": [
"CVE-2021-46010"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-30T23:15:00Z",
"severity": "HIGH"
},
"details": "Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.",
"id": "GHSA-4q2f-j497-jmqf",
"modified": "2022-04-06T00:01:42Z",
"published": "2022-04-01T00:00:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46010"
},
{
"type": "WEB",
"url": "https://hackmd.io/Ynwm8NnQSiK0xm7QKuNteg"
},
{
"type": "WEB",
"url": "http://a3100r.com"
},
{
"type": "WEB",
"url": "http://totolink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4RJ2-HHFH-P3J7
Vulnerability from github – Published: 2022-05-01 23:50 – Updated: 2024-02-14 18:30The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration."
{
"affected": [],
"aliases": [
"CVE-2008-2433"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-08-27T20:41:00Z",
"severity": "HIGH"
},
"details": "The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified \"manipulation of the configuration.\"",
"id": "GHSA-4rj2-hhfh-p3j7",
"modified": "2024-02-14T18:30:23Z",
"published": "2022-05-01T23:50:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2433"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44597"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31373"
},
{
"type": "WEB",
"url": "http://secunia.com/secunia_research/2008-31/advisory"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/4191"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/495670/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30792"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020732"
},
{
"type": "WEB",
"url": "http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_SP1_Win_EN_CriticalPatch_B2402_readme.txt"
},
{
"type": "WEB",
"url": "http://www.trendmicro.com/ftp/documentation/readme/Readme_WFBS5%200_EN_CriticalPatch1404.txt"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2008/2421"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4X8W-5X74-C8V5
Vulnerability from github – Published: 2022-05-01 23:27 – Updated: 2024-02-09 03:32actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.
{
"affected": [],
"aliases": [
"CVE-2008-0141"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-01-08T19:46:00Z",
"severity": "HIGH"
},
"details": "actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.",
"id": "GHSA-4x8w-5x74-c8v5",
"modified": "2024-02-09T03:32:52Z",
"published": "2022-05-01T23:27:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0141"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39486"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/4835"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/27145"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-52XF-QWX9-XFXQ
Vulnerability from github – Published: 2022-05-13 00:01 – Updated: 2022-05-24 00:01SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
{
"affected": [],
"aliases": [
"CVE-2022-29930"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-12T09:15:00Z",
"severity": "MODERATE"
},
"details": "SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value",
"id": "GHSA-52xf-qwx9-xfxq",
"modified": "2022-05-24T00:01:45Z",
"published": "2022-05-13T00:01:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29930"
},
{
"type": "WEB",
"url": "https://github.com/ktorio/ktor/pull/2966"
},
{
"type": "WEB",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-532M-87RC-7FJR
Vulnerability from github – Published: 2022-05-24 17:40 – Updated: 2022-05-24 17:40An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.
{
"affected": [],
"aliases": [
"CVE-2020-13860"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-01T02:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password algorithm for the undocumented system account mofidev generates a predictable six-digit password.",
"id": "GHSA-532m-87rc-7fjr",
"modified": "2022-05-24T17:40:41Z",
"published": "2022-05-24T17:40:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13860"
},
{
"type": "WEB",
"url": "https://mofinetwork.com/index.php?main_page=page\u0026id=14"
},
{
"type": "WEB",
"url": "https://www.criticalstart.com/critical-vulnerabilities-discovered-in-mofi-routers"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-53QP-XQ7M-XPPP
Vulnerability from github – Published: 2023-12-29 12:30 – Updated: 2024-02-29 03:32A vulnerability classified as problematic has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This affects an unknown part of the component Web Configuration Application. The manipulation leads to insufficiently random values. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249255.
{
"affected": [],
"aliases": [
"CVE-2023-4462"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-29T10:15:11Z",
"severity": "LOW"
},
"details": "A vulnerability classified as problematic has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This affects an unknown part of the component Web Configuration Application. The manipulation leads to insufficiently random values. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249255.",
"id": "GHSA-53qp-xq7m-xppp",
"modified": "2024-02-29T03:32:46Z",
"published": "2023-12-29T12:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4462"
},
{
"type": "WEB",
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.html"
},
{
"type": "WEB",
"url": "https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices"
},
{
"type": "WEB",
"url": "https://modzero.com/en/advisories/mz-23-01-poly-voip"
},
{
"type": "WEB",
"url": "https://modzero.com/en/advisories/mz-23-01-poly-voip-devices"
},
{
"type": "WEB",
"url": "https://modzero.com/en/blog/multiple-vulnerabilities-in-poly-products"
},
{
"type": "WEB",
"url": "https://support.hp.com/us-en/document/ish_9929296-9929329-16/hpsbpy03896"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.249255"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.249255"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-572H-92HG-4MQM
Vulnerability from github – Published: 2024-08-12 15:30 – Updated: 2024-08-12 15:30Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link.
{
"affected": [],
"aliases": [
"CVE-2024-42164"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-12T13:38:32Z",
"severity": "MODERATE"
},
"details": "Insufficiently random values for generating password reset token in FIWARE Keyrock \u003c= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link.",
"id": "GHSA-572h-92hg-4mqm",
"modified": "2024-08-12T15:30:50Z",
"published": "2024-08-12T15:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42164"
},
{
"type": "WEB",
"url": "https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-596H-HVJH-FFPF
Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.
{
"affected": [],
"aliases": [
"CVE-2021-25677"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-22T21:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Nucleus 4 (All versions \u003c V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions \u003c V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003e= V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.",
"id": "GHSA-596h-hvjh-ffpf",
"modified": "2022-05-24T17:48:17Z",
"published": "2022-05-24T17:48:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25677"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5FH3-V3JW-RC9H
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2025-04-20 03:46Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
{
"affected": [],
"aliases": [
"CVE-2017-13078"
],
"database_specific": {
"cwe_ids": [
"CWE-323",
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-17T13:29:00Z",
"severity": "MODERATE"
},
"details": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"id": "GHSA-5fh3-v3jw-rc9h",
"modified": "2025-04-20T03:46:53Z",
"published": "2022-05-13T01:42:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13078"
},
{
"type": "WEB",
"url": "https://www.krackattacks.com"
},
{
"type": "WEB",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208222"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208221"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208220"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208219"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"type": "WEB",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5FQV-MPJ8-H7GM
Vulnerability from github – Published: 2023-03-01 18:05 – Updated: 2024-09-30 19:44Overview
Lemur was using insecure random generation for its example configuration file, as well as for some utilities.
Impact
The potentially affected generated items include:
| Configuration item | Config option name (if applicable) | Documentation link (if applicable) | Rotation option | Code reference(s) |
|---|---|---|---|---|
| Flask session secret | SECRET_KEY |
Flask documentation | Generate a new secret and place in config; all existing sessions will be invalidated | N/A, internal to Flask |
| Lemur token secret | LEMUR_TOKEN_SECRET |
Lemur's configuration documentation | Generate a new secret and place in config; all existing JWTs will be invalidated and must be regenerated (including API keys) | 1, 2 |
| Lemur database encryption key | LEMUR_ENCRYPTION_KEYS |
Lemur's configuration documentation | A new key can be generated and added to this list, but existing data encrypted with prior keys cannot be re-encrypted unless you write a custom re-encryption process | 1 |
| OAuth2 state token secret key | OAUTH_STATE_TOKEN_SECRET |
Lemur's configuration documentation | Generate a new secret and place in config | 1 |
| Randomly generated passphrases for openssl keystores | N/A, generated at runtime but persisted | N/A | Re-export all openssl keystores and replace them wherever they're in use | 1 |
| Initial password for LDAP users | N/A, generated at runtime but persisted | N/A | N/A, cannot be rotated* | 1 |
| Initial password for Ping/OAuth2 users | N/A, generated at runtime but persisted | N/A | N/A, cannot be rotated* | 1 |
| Oauth2 nonce | N/A, short-lived runtime secret | N/A | N/A, rotation is not required (these are short-lived) | 1 |
| Verisign certificate enrollment challenges | N/A, short-lived runtime secret | N/A | N/A, rotation is not required (these are short-lived) | 1 |
If your deployment of Lemur is using any of the above config secrets that were generated by Lemur's example config (i.e., generated using insecure randomness), you should rotate those config secrets. If you generated your config secrets in a more secure way, they are not known to be compromised, but you should still upgrade Lemur to ensure that you receive code fixes for the runtime-generated secrets.
For general information and guidance on Lemur secret configuration, see Lemur's configuration documentation, which includes information on many of the configuration options listed above.
*For the user passwords: Even though these users are configured to use SSO, they do get generated with valid database passwords that can be used to log in. Since Lemur doesn't have an option to change passwords (#3888), one option for rotating them would be to directly modify the value in the database to some other unguessable string (you do not need to know the plaintext password since it won't be used).
Patches
The patch is available in v1.3.2.
Workarounds
No workarounds are available.
References
N/A
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "lemur"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-30797"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-01T18:05:56Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Overview\nLemur was using insecure random generation for its example configuration file, as well as for some utilities.\n\n### Impact\nThe potentially affected generated items include:\n\n| Configuration item | Config option name (if applicable) | Documentation link (if applicable) | Rotation option | Code reference(s) |\n| ----------- | ----------- | ----------- | ----------- |----------- |\n| Flask session secret | `SECRET_KEY` | [Flask documentation](https://flask.palletsprojects.com/en/2.2.x/config/#SECRET_KEY) | Generate a new secret and place in config; all existing sessions will be invalidated | N/A, internal to Flask |\n| Lemur token secret | `LEMUR_TOKEN_SECRET` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | Generate a new secret and place in config; all existing JWTs will be invalidated and must be regenerated (including API keys) | [1](https://github.com/Netflix/lemur/blob/1b61194a936240103f3c23299f9512c2b7e0fd36/lemur/auth/service.py#L79), [2](https://github.com/Netflix/lemur/blob/1b61194a936240103f3c23299f9512c2b7e0fd36/lemur/auth/service.py#L105) |\n| Lemur database encryption key | `LEMUR_ENCRYPTION_KEYS` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | A new key can be generated and added to this list, but existing data encrypted with prior keys cannot be re-encrypted unless you write a custom re-encryption process | [1](https://github.com/Netflix/lemur/blob/3783fbeaa1645bbee022827f4f53ffb12dd65a61/lemur/utils.py#L58) |\n| OAuth2 state token secret key | `OAUTH_STATE_TOKEN_SECRET` | [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration) | Generate a new secret and place in config | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L267) |\n| Randomly generated passphrases for openssl keystores | N/A, generated at runtime but persisted |N/A | Re-export all openssl keystores and replace them wherever they\u0027re in use | [1](https://github.com/Netflix/lemur/blob/2603776e5c0ac25fa0103ff1357dea391d880160/lemur/plugins/lemur_openssl/plugin.py#L129) |\n| Initial password for LDAP users | N/A, generated at runtime but persisted | N/A | N/A, cannot be rotated* | [1](https://github.com/Netflix/lemur/blob/3783fbeaa1645bbee022827f4f53ffb12dd65a61/lemur/auth/ldap.py#L66) |\n| Initial password for Ping/OAuth2 users | N/A, generated at runtime but persisted |N/A | N/A, cannot be rotated* | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L234) |\n| Oauth2 nonce | N/A, short-lived runtime secret |N/A | N/A, rotation is not required (these are short-lived) | [1](https://github.com/Netflix/lemur/blob/4b03baaf5544f167e78055bab15a903b1badf22b/lemur/auth/views.py#L668) |\n| Verisign certificate enrollment challenges | N/A, short-lived runtime secret | N/A | N/A, rotation is not required (these are short-lived) | [1](https://github.com/Netflix/lemur/blob/d4af5af99cd51016579f015d79df649c68a6ad15/lemur/plugins/lemur_verisign/plugin.py#L107) |\n\nIf your deployment of Lemur is using any of the above config secrets that were _generated by Lemur\u0027s example config_ (i.e., generated using insecure randomness), you should rotate those config secrets. If you generated your config secrets in a more secure way, they are not known to be compromised, but you should still upgrade Lemur to ensure that you receive code fixes for the runtime-generated secrets.\n\nFor general information and guidance on Lemur secret configuration, see [Lemur\u0027s configuration documentation](https://lemur.readthedocs.io/en/latest/administration.html#configuration), which includes information on many of the configuration options listed above.\n\n*For the user passwords: Even though these users are configured to use SSO, they do get generated with valid database passwords that can be used to log in. Since Lemur doesn\u0027t have an option to change passwords (#3888), one option for rotating them would be to directly modify the value in the database to some other unguessable string (you do not need to know the plaintext password since it won\u0027t be used).\n\n### Patches\nThe patch is available in v1.3.2.\n\n### Workarounds\nNo workarounds are available.\n\n### References\nN/A",
"id": "GHSA-5fqv-mpj8-h7gm",
"modified": "2024-09-30T19:44:46Z",
"published": "2023-03-01T18:05:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Netflix/lemur/security/advisories/GHSA-5fqv-mpj8-h7gm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30797"
},
{
"type": "WEB",
"url": "https://github.com/Netflix/lemur/issues/3888"
},
{
"type": "WEB",
"url": "https://github.com/Netflix/lemur/commit/666d853212174ee7f4e6f8b3b4b389ede1872238"
},
{
"type": "PACKAGE",
"url": "https://github.com/Netflix/lemur"
},
{
"type": "WEB",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2023-001.md"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/lemur/PYSEC-2023-20.yaml"
},
{
"type": "WEB",
"url": "https://vulncheck.com/advisories/netflix-lemur-weak-rng"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Lemur subject to insecure random generation"
}
Mitigation
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation MIT-2
Strategy: Libraries or Frameworks
Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.