CWE-330Use of Insufficiently Random Values

Description

Common consequences· 3

• Confidentiality / Other — Other
  When a protection mechanism relies on random values to restrict access to a sensitive resource, such as a session ID or a seed for generating a cryptographic key, then the resource being protected could be accessed by guessing the ID or key.
• Access Control / Other — Bypass Protection Mechanism, Other
  If product relies on unique, unguessable IDs to identify a resource, an attacker might be able to guess an ID for a resource that is owned by another user. The attacker could then read the resource, or pre-create a resource with the same ID to prevent the legitimate program from properly sending the resource to the intended user. For example, a product might maintain session information in a file whose name is based on a username. An attacker could pre-create this file for a victim user, then set the permissions so that the application cannot generate the session for the victim, preventing the victim from using the application.
• Access Control — Bypass Protection Mechanism, Gain Privileges or Assume Identity
  When an authorization or authentication mechanism relies on random values to restrict access to restricted functionality, such as a session ID or a seed for generating a cryptographic key, then an attacker may access the restricted functionality by guessing the ID or key.

Potential mitigations· 3

• [Architecture and Design]
• [Implementation]Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
• [Architecture and Design, Requirements]Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

Related CAPEC attack patterns· 3

Exploits (incoming)3

Compliance frameworks addressing this (incoming)1

(incoming)10

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.