CWE-1241 7 件の CVE MITRE の定義 ↗

CWE-1241: Use of Predictable Algorithm in Random Number Generator

概要

CWE-1241(Use of Predictable Algorithm in Random Number Generator)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響
セキュリティ影響:製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The device uses an algorithm that is predictable and generates a pseudo-random number.

適用プラットフォーム

種別 名称 クラス 普遍性 OS / CPE
technology System on Chip Undetermined

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE 公開 概要
CVE-2026-6420 2026-05-06 A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardc…
CVE-2025-13079 2026-02-19 The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to t…
CVE-2025-32056 2026-01-22 The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN t…
CVE-2023-4695 2023-08-31 Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
CVE-2021-3692 2021-08-10 yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
CVE-2021-3689 2021-08-10 yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
CVE-2016-10180 2017-01-29 An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.

コンテンツ投稿

名称
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi
組織
Intel Corporation
日付
2020-02-10
バージョン
4.0

コンテンツの変更履歴

日付 名称 バージョン 重要度 コメント
2020-06-25 CWE Content Team 4.1 updated Common_Consequences, Demonstrative_Examples, Modes_of_Introduction
2020-08-20 CWE Content Team 4.2 updated Common_Consequences, Demonstrative_Examples, Description, Maintenance_Notes, Modes_of_Introduction, Potential_Mitigations, Related_Attack_Patterns, Research_Gaps
2021-03-15 CWE Content Team 4.4 updated Maintenance_Notes, Research_Gaps
2021-07-20 CWE Content Team 4.5 updated Maintenance_Notes
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2023-10-26 CWE Content Team 4.13 updated Demonstrative_Examples, Description, Observed_Examples, References
2025-04-03 CWE Content Team 4.17 updated Demonstrative_Examples
2025-12-11 CWE Content Team 4.19 updated Description, Potential_Mitigations, Relationships, Weakness_Ordinalities

貢献

タイプ 名称 日付 コメント
Content Chen Chen, Rahul Kande, Jeyavijayan Rajendran 2023-06-21 suggested demonstrative example
Content Shaza Zeitouni, Mohamadreza Rostami, Ahmad-Reza Sadeghi 2023-06-21 suggested demonstrative example
cvelogic Threat Intelligence