Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl
Description
Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password (serverSecretKey) using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted from limited state/seed information (e.g., start time window), substantially reducing the effective search space of the generated key. An attacker who can obtain ciphertexts (e.g., exported or at‑rest strings protected by this service) and approximate the PRNG seed can feasibly reconstruct the serverSecretKey and decrypt affected data. SAK-49866 is patched in Sakai 23.5, 25.0, and trunk.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Sakai CLE uses java.util.Random to generate encryption key, making it predictable; attacker with ciphertexts can decrypt protected data.
What the vulnerability is: Sakai's EncryptionUtilityServiceImpl initializes its AES256TextEncryptor password (serverSecretKey) using RandomStringUtils backed by java.util.Random, a non-cryptographic PRNG. This PRNG is deterministic and can be predicted from limited seed information (e.g., start time window), drastically reducing the effective search space of the generated key [1][4].
How it is exploited: An attacker who can obtain ciphertexts (e.g., exported or at‑rest strings protected by this service) and approximate the PRNG seed can feasibly reconstruct the serverSecretKey. No special network position is required if the attacker has access to the ciphertexts; the attack relies on predicting the seed, which may be derived from system time or other observable state [1][4].
Impact: Successful exploitation allows the attacker to decrypt any data encrypted by the vulnerable service, compromising the confidentiality of protected information [1][4].
Mitigation: The vulnerability is fixed in Sakai versions 23.5 and 25.0, as well as trunk. The commit bde0701 replaces java.util.Random with SecureRandom for key generation [3]. Users should upgrade to a patched version.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.sakaiproject.kernel:sakai-kernel-implMaven | <= 23.3 | — |
Affected products
1- sakaiproject/sakaiv5Range: < 23.5
Patches
1bde070104b1dSAK-49866 use commons-text for generation
3 files changed · +7 −3
jobscheduler/scheduler-component-shared/src/java/org/sakaiproject/component/app/scheduler/jobs/cm/processor/sis/UserProcessor.java+3 −1 modified@@ -15,6 +15,7 @@ */ package org.sakaiproject.component.app.scheduler.jobs.cm.processor.sis; +import java.security.SecureRandom; import java.util.Arrays; import java.util.HashMap; import java.util.List; @@ -146,7 +147,8 @@ private void processSisUser(SisUser user, ProcessorState state) throws Exception } protected String generatePassword() { - return RandomStringUtils.randomAlphanumeric(9); + final SecureRandom random = new SecureRandom(); + return RandomStringUtils.random(12, 0, 0, true, true, null, random); } protected void updateExtraPropertiesWithEdit(SisUser sisUser, UserEdit ue) throws UserNotDefinedException, UserPermissionException, UserLockedException, UserAlreadyDefinedException {
kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/EncryptionUtilityServiceImpl.java+4 −1 modified@@ -17,6 +17,8 @@ import lombok.extern.slf4j.Slf4j; +import java.security.SecureRandom; + import org.apache.commons.lang3.RandomStringUtils; import org.jasypt.util.text.AES256TextEncryptor; import org.sakaiproject.util.api.EncryptionUtilityService; @@ -30,7 +32,8 @@ public void init() { int keyLength = 30; boolean useLetters = true; boolean useNumbers = true; - String serverSecretKey = RandomStringUtils.random(keyLength, useLetters, useNumbers); + final SecureRandom random = new SecureRandom(); + final String serverSecretKey = RandomStringUtils.random(keyLength, 0, 0, useLetters, useNumbers, null, random); log.info("Server secret key has been set, not exposing it for security reasons."); textEncryptor.setPassword(serverSecretKey); }
webapi/src/main/java/org/sakaiproject/webapi/controllers/ProfileController.java+0 −1 modified@@ -24,7 +24,6 @@ import org.sakaiproject.webapi.beans.ProfileRestBean; import org.apache.commons.lang3.StringUtils; -import org.apache.commons.lang3.RandomStringUtils; import org.springframework.http.MediaType; import org.springframework.web.bind.annotation.GetMapping;
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-gr7h-xw4f-wh86ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-62710ghsaADVISORY
- github.com/sakaiproject/sakai/commit/bde070104b1de01f4a6458dca6d9e0880a0e3c04ghsax_refsource_MISCWEB
- github.com/sakaiproject/sakai/security/advisories/GHSA-gr7h-xw4f-wh86ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.