CWE-334

Small Space of Random Values

AI Translation Available

The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.

Status

draft

Abstraction

base

Affected Platforms

Technical Details

AI Translation

Common Consequences

access control other

Impacts

bypass protection mechanism other

Potential Mitigations

Phases:

architecture and design requirements

Descriptions:

• Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

AI Generated Translation

Common Consequences

controllo degli accessi altro

Impacts

elusione del meccanismo di protezione altro

Potential Mitigations

Phases:

architettura e design requisiti

Descriptions:

• Utilizzare prodotti o moduli conformi a FIPS 140-2 [REF-267] per evitare problemi evidenti di entropia. Consultare l'Appendice C di FIPS 140-2 ("Approved Random Number Generators").

CWE-334

Common Consequences

Impacts

Potential Mitigations

Common Consequences

Impacts

Potential Mitigations

Iscriviti alla newsletter