Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-5391

Опубликовано: 27 апр. 2018
Источник: nvd
CVSS3: 5.3
CVSS2: 3.5
EPSS Низкий

Описание

IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:worklight:5.0.0.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:worklight:5.0.0.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:worklight:5.0.5.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:worklight:5.0.5.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:worklight:5.0.6.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:worklight:5.0.6.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:worklight:6.0.0.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:worklight:6.0.0.0:*:*:*:enterprise:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:ibm:mobile_foundation:5.0.0.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:mobile_foundation:5.0.0.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:mobile_foundation:5.0.5.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:mobile_foundation:5.0.5.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:mobile_foundation:5.0.6.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:mobile_foundation:5.0.6.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:ibm:mobile_foundation:6.0.0.0:*:*:*:consumer:*:*:*
cpe:2.3:a:ibm:mobile_foundation:6.0.0.0:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 42%
0.00197
Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-310

Связанные уязвимости

github логотип

GHSA-6r6h-3g69-3c83

CVSS3: 5.3
github
больше 3 лет назад

IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128.

EPSS

Процентиль: 42%
0.00197
Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-310