CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Description
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (109)
page 1 of 6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-2367 | Cri | 0.69 | 9.8 | 0.23 | Jul 8, 2009 | cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter. | ||
| CVE-2026-3256 | Cri | 0.64 | 9.8 | 0.01 | Mar 28, 2026 | HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the… | ||
| CVE-2025-3495 | Cri | 0.64 | 9.8 | 0.01 | Apr 16, 2025 | Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code. | ||
| CVE-2024-40762 | Cri | 0.64 | 9.8 | 0.01 | Jan 9, 2025 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass. | ||
| CVE-2023-2884 | Cri | 0.64 | 9.8 | 0.01 | May 25, 2023 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. | ||
| CVE-2017-18021 | Cri | 0.64 | 9.8 | 0.02 | Jan 5, 2018 | It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI. | ||
| CVE-2026-42155 | — | Cri | 0.60 | — | 0.00 | May 15, 2026 | Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, the XML-RPC / SOAP API session ID is generated using an… | |
| CVE-2026-11832 | Cri | 0.59 | 9.1 | 0.00 | Jun 15, 2026 | Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable. | ||
| CVE-2026-5085 | Cri | 0.59 | 9.1 | 0.00 | Apr 13, 2026 | Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the… | ||
| CVE-2025-15618 | Cri | 0.59 | 9.1 | 0.00 | Mar 31, 2026 | Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key. Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic… | ||
| CVE-2025-40931 | Cri | 0.59 | 9.1 | 0.01 | Mar 5, 2026 | Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID.… | ||
| CVE-2025-40916 | Cri | 0.59 | 9.1 | 0.00 | Jun 16, 2025 | Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure. | ||
| CVE-2018-16115 | — | Cri | 0.59 | 9.1 | 0.01 | Aug 29, 2018 | Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical… | |
| CVE-2025-15604 | Cri | 0.57 | 9.8 | 0.01 | Mar 28, 2026 | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by… | ||
| CVE-2017-8081 | Hig | 0.57 | 8.8 | 0.01 | Apr 30, 2017 | Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce. | ||
| CVE-2008-0166 | Hig | 0.57 | 7.5 | 0.71 | May 13, 2008 | OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys. | ||
| CVE-2026-11347 | Hig | 0.55 | — | 0.00 | Jun 5, 2026 | The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with… | ||
| CVE-2025-54883 | Cri | 0.53 | — | 0.00 | Aug 6, 2025 | Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 (packaged in Vision-ui <= 1.4.0) contains a critical cryptographic weakness. Due… | ||
| CVE-2026-47372 | Cri | 0.52 | 9.1 | 0.00 | May 20, 2026 | Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography. | ||
| CVE-2025-40925 | Cri | 0.52 | 9.1 | 0.00 | Sep 20, 2025 | Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of… |
- risk 0.69cvss 9.8epss 0.23
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.
- risk 0.64cvss 9.8epss 0.01
HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the…
- risk 0.64cvss 9.8epss 0.01
Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.
- risk 0.64cvss 9.8epss 0.01
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.
- risk 0.64cvss 9.8epss 0.01
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation. This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
- risk 0.64cvss 9.8epss 0.02
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.
- risk 0.60cvss —epss 0.00
Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, the XML-RPC / SOAP API session ID is generated using an…
- risk 0.59cvss 9.1epss 0.00
Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable.
- risk 0.59cvss 9.1epss 0.00
Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the…
- risk 0.59cvss 9.1epss 0.00
Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key. Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic…
- risk 0.59cvss 9.1epss 0.01
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID.…
- risk 0.59cvss 9.1epss 0.00
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
- risk 0.59cvss 9.1epss 0.01
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical…
- risk 0.57cvss 9.8epss 0.01
Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by…
- risk 0.57cvss 8.8epss 0.01
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce.
- risk 0.57cvss 7.5epss 0.71
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
- risk 0.55cvss —epss 0.00
The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with…
- risk 0.53cvss —epss 0.00
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 (packaged in Vision-ui <= 1.4.0) contains a critical cryptographic weakness. Due…
- risk 0.52cvss 9.1epss 0.00
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
- risk 0.52cvss 9.1epss 0.00
Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of…