Common Weakness Enumeration

CWE-330

Discouraged

Use of Insufficiently Random Values

Abstraction: Class · Status: Stable

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

445 vulnerabilities reference this CWE, most recent first.

GHSA-PQ4W-QM9G-QX68

Vulnerability from github – Published: 2020-03-16 22:46 – Updated: 2021-07-28 18:54
VLAI
Summary
Insufficient Nonce Validation in Eclipse Milo Client
Details

Impact

Credential replay affecting those connected to a server when all 3 of the following conditions are met: - SecurityPolicy is None - using username/password or X509-based authentication - the server has a defect causing it to send null/empty or zeroed nonces

Patches

The problem has been patched in version 0.3.6. A more relaxed treatment of validation as agreed upon by the OPC UA Security Working Group is implemented in version 0.3.7.

Workarounds

Do not use username/password or X509-based authentication with SecurityPolicy of None.

References

https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf

For more information

If you have any questions or comments about this advisory: * Open an issue at https://github.com/eclipse/milo/issues * Email the mailing list

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.3.4"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.eclipse.milo:sdk-client"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-19135"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-03-16T20:59:53Z",
    "nvd_published_at": "2020-03-16T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nCredential replay affecting those connected to a server when *all 3* of the following conditions are met:\n- `SecurityPolicy` is `None`\n- using username/password or X509-based authentication\n- the server has a defect causing it to send null/empty or zeroed nonces \n\n### Patches\nThe problem has been patched in version `0.3.6`. A more relaxed treatment of validation as agreed upon by the OPC UA Security Working Group is implemented in version `0.3.7`.\n\n### Workarounds\nDo not use username/password or X509-based authentication with `SecurityPolicy` of `None`.\n\n### References\nhttps://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue at [https://github.com/eclipse/milo/issues](https://github.com/eclipse/milo/issues)\n* Email [the mailing list](mailto:milo-dev@eclipse.org)",
  "id": "GHSA-pq4w-qm9g-qx68",
  "modified": "2021-07-28T18:54:53Z",
  "published": "2020-03-16T22:46:50Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/eclipse/milo/security/advisories/GHSA-pq4w-qm9g-qx68"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19135"
    },
    {
      "type": "WEB",
      "url": "https://github.com/eclipse/milo/commit/cac0e710bf2b8bed9c602fc597e9de1d8903abed"
    },
    {
      "type": "WEB",
      "url": "https://opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2019-19135.pdf"
    },
    {
      "type": "WEB",
      "url": "https://opcfoundation.org/security-bulletins"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Insufficient Nonce Validation in Eclipse Milo Client"
}

GHSA-PQC9-6W7J-MP2F

Vulnerability from github – Published: 2026-03-25 15:31 – Updated: 2026-03-25 15:31
VLAI
Details

An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-51346"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T14:16:28Z",
    "severity": "HIGH"
  },
  "details": "An issue in Eufy Homebase 2 version 3.3.4.1h allows a local attacker to obtain sensitive information via the cryptographic scheme.",
  "id": "GHSA-pqc9-6w7j-mp2f",
  "modified": "2026-03-25T15:31:28Z",
  "published": "2026-03-25T15:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51346"
    },
    {
      "type": "WEB",
      "url": "https://github.com/victorGoeman/Eufy-Ecosystem-Security-Research/blob/main/CVE-2024-51346.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/victorGoeman/Eufy-Ecosystem-Security-Research/blob/main/README.md"
    },
    {
      "type": "WEB",
      "url": "https://www.eufy.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PQRX-8F89-682J

Vulnerability from github – Published: 2022-07-08 00:00 – Updated: 2022-07-15 00:00
VLAI
Details

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25047"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-07T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.",
  "id": "GHSA-pqrx-8f89-682j",
  "modified": "2022-07-15T00:00:17Z",
  "published": "2022-07-08T00:00:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25047"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Immersive-Labs-Sec/CentOS-WebPanel"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PR9H-XJRF-GJCR

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2022-05-24 16:46
VLAI
Details

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-6821"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-22T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.",
  "id": "GHSA-pr9h-xjrf-gjcr",
  "modified": "2022-05-24T16:46:18Z",
  "published": "2022-05-24T16:46:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6821"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01"
    },
    {
      "type": "WEB",
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108366"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-PVV4-8WMW-VJF3

Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2024-04-04 03:13
VLAI
Details

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-46353"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-13T16:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions \u003c V3.2.7), SCALANCE X204RNA (PRP) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions \u003c V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions \u003c V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.",
  "id": "GHSA-pvv4-8wmw-vjf3",
  "modified": "2024-04-04T03:13:45Z",
  "published": "2022-12-13T18:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46353"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363821.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PW9J-JVFG-9PPW

Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29
VLAI
Details

In Contiki 4.5, TCP ISNs are improperly random.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27634"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-10T17:15:10Z",
    "severity": "CRITICAL"
  },
  "details": "In Contiki 4.5, TCP ISNs are improperly random.",
  "id": "GHSA-pw9j-jvfg-9ppw",
  "modified": "2024-04-04T08:29:43Z",
  "published": "2023-10-10T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27634"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PWQG-3R7W-W9HW

Vulnerability from github – Published: 2022-05-13 01:08 – Updated: 2022-05-13 01:08
VLAI
Details

The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-8919"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-18T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.",
  "id": "GHSA-pwqg-3r7w-w9hw",
  "modified": "2022-05-13T01:08:17Z",
  "published": "2022-05-13T01:08:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8919"
    },
    {
      "type": "WEB",
      "url": "https://github.com/haiwen/seadroid/issues/789"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q3W8-GRP4-HC32

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-08-13 00:00
VLAI
Details

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34646"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-290",
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-30T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.",
  "id": "GHSA-q3w8-grp4-hc32",
  "modified": "2022-08-13T00:00:35Z",
  "published": "2022-05-24T19:12:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34646"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=2581212%40woocommerce-jetpack\u0026new=2581212%40woocommerce-jetpack\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/blog/2021/08/critical-authentication-bypass-vulnerability-patched-in-booster-for-woocommerce"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q4Q3-WX65-4J6J

Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2022-10-22 12:00
VLAI
Details

Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup due to a predictable name, resulting in authentication bypass (a login authenticated with the MD5 hash of any user found in the database).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7667"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-07-01T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup due to a predictable name, resulting in authentication bypass (a login authenticated with the MD5 hash of any user found in the database).",
  "id": "GHSA-q4q3-wx65-4j6j",
  "modified": "2022-10-22T12:00:30Z",
  "published": "2022-05-24T16:49:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7667"
    },
    {
      "type": "WEB",
      "url": "https://applied-risk.com/labs/advisories"
    },
    {
      "type": "WEB",
      "url": "https://www.applied-risk.com/resources/ar-2019-007"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/icsa-19-211-02"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155262/Prima-FlexAir-Access-Control-2.3.35-Database-Backup-Predictable-Name.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q4V3-WMM6-HCRX

Vulnerability from github – Published: 2022-05-05 00:29 – Updated: 2024-10-23 15:56
VLAI
Summary
pyrad is vulnerable to the use of Insufficiently Random Values
Details

packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyrad"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2013-0294"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-23T21:26:31Z",
    "nvd_published_at": "2020-01-28T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.",
  "id": "GHSA-q4v3-wmm6-hcrx",
  "modified": "2024-10-23T15:56:18Z",
  "published": "2022-05-05T00:29:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0294"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911682"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82133"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pyrad/PYSEC-2020-211.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/pyradius/pyrad"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200228160027/http://www.securityfocus.com/bid/57984"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/15/13"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "pyrad is vulnerable to the use of Insufficiently Random Values"
}

Mitigation
Architecture and Design
  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Implementation

Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.

Mitigation MIT-2
Architecture and Design Requirements

Strategy: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-485: Signature Spoofing by Key Recreation

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.