CVEbaza.plSłownik CWECWE-330
Common Weakness Enumeration

CWE-330

Use of Insufficiently Random Values

Kategoria: ClassCVE: 432
Opis

Produkt wykorzystuje niewystarczająco losowe liczby lub wartości w kontekście bezpieczeństwa, który zależy od nieprzewidywalnych liczb. Może to prowadzić do złamania mechanizmów bezpieczeństwa opartych na losowości.

Description (EN)

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Podatności CVE z CWE-330 (432)
10.0
CVSS
CRITICAL
CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this parameter and use it to gather additional information about other InHand devices managed on the same cloud platform.

pub. 2023-01-12
10.0
CVSS
CRITICAL
CVE-2021-40422

An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

pub. 2022-04-14
9.8
CVSS
CRITICAL
CVE-2026-27637

FreeScout przed wersją 1.8.206 używa przewidywalnego tokenu uwierzytelniającego opartego na algorytmie MD5, który może zostać odtworzony przez atakującego znającego klucz APP_KEY. Umożliwia to pełne przejęcie dowolnego konta użytkownika, w tym administratora, bez znajomości hasła.

pub. 2026-02-25
9.8
CVSS
CRITICAL
CVE-2025-4607

Plugin PSW Front-end Login & Registration dla WordPress (wersje do 1.12 włącznie) zawiera krytyczną podatność umożliwiającą nieuwierzytelnionemu atakującemu przejęcie pełnej kontroli nad witryną. Słaby mechanizm jednorazowych kodów OTP pozwala na reset hasła dowolnego użytkownika, w tym administratorów.

pub. 2025-05-31
9.8
CVSS
CRITICAL
CVE-2024-36389

Podatność w Milesight DeviceHub polega na stosowaniu niewystarczająco losowych wartości (CWE-330), co umożliwia obejście mechanizmu uwierzytelniania. Podatność otrzymała ocenę CVSS 9.8 (CRITICAL), co oznacza najwyższy poziom zagrożenia.

pub. 2024-06-02
9.8
CVSS
CRITICAL
CVE-2020-27630

In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.

pub. 2023-10-10
9.8
CVSS
CRITICAL
CVE-2020-27631

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.

pub. 2023-10-10
9.8
CVSS
CRITICAL
CVE-2023-39979

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values.  

pub. 2023-09-02
9.8
CVSS
CRITICAL
CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

pub. 2023-08-15
9.8
CVSS
CRITICAL
CVE-2023-2884

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

pub. 2023-05-25
9.8
CVSS
CRITICAL
CVE-2022-46353

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.

pub. 2022-12-13
9.8
CVSS
CRITICAL
CVE-2022-44938

Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.

pub. 2022-12-08
9.8
CVSS
CRITICAL
CVE-2022-36536

An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens.

pub. 2022-09-16
9.8
CVSS
CRITICAL
CVE-2022-25752

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.

pub. 2022-04-12
9.8
CVSS
CRITICAL
CVE-2021-36166

An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties.

pub. 2022-03-01
9.8
CVSS
CRITICAL
CVE-2022-22922

TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.

pub. 2022-02-18
9.8
CVSS
CRITICAL
CVE-2021-36294

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulnerability by forging a cookie to login as any user.

pub. 2022-01-25
9.8
CVSS
CRITICAL
CVE-2021-41694

An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php.

pub. 2021-12-09
9.8
CVSS
CRITICAL
CVE-2021-28024

Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.

pub. 2021-11-08
9.8
CVSS
CRITICAL
CVE-2021-34646

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.

pub. 2021-08-30
Pokazano 20 z 432 podatności
Informacje
ID: CWE-330
Typ: Class
Podatności: 432
MITRE CWE ↗
← Słownik CWE
CWE-330 — Użycie Niedostatecznie Losowych Wartości | Słownik CWE | CVEbaza.pl