CWE-330

Use of Insufficiently Random Values

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

CVE-2024-5868 (GCVE-0-2024-5868)

Vulnerability from cvelistv5 – Published: 2024-06-15 03:35 – Updated: 2026-04-08 17:10
Title
WooCommerce - Social Login <= 2.6.2 - Email Verification due to Insufficient Randomness
Summary
The WooCommerce - Social Login plugin for WordPress is vulnerable to email verification bypass in all versions up to, and including, 2.6.2 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Impacted products
Vendor: WPWeb
Product: WooCommerce - Social Login
Version: 0 through 2.6.2 inclusive (semver), affected
Credits
István Márton

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T14:19:08.028127Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T14:19:22.451Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:25:02.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/97fbbf5b-d3c7-47ce-b251-ce1fe38af152?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WooCommerce - Social Login",
          "vendor": "WPWeb",
          "versions": [
            {
              "lessThanOrEqual": "2.6.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Istv\u00e1n M\u00e1rton"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WooCommerce - Social Login plugin for WordPress is vulnerable to Email Verification in all versions up to, and including, 2.6.2 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:10:35.444Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/97fbbf5b-d3c7-47ce-b251-ce1fe38af152?source=cve"
        },
        {
          "url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-11T00:00:00.000Z",
          "value": "Discovered"
        },
        {
          "lang": "en",
          "time": "2024-06-11T00:00:00.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2024-06-14T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "WooCommerce - Social Login \u003c= 2.6.2 - Email Verification due to Insufficient Randomness"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-5868",
    "datePublished": "2024-06-15T03:35:10.691Z",
    "dateReserved": "2024-06-11T15:31:25.064Z",
    "dateUpdated": "2026-04-08T17:10:35.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-6348 (GCVE-0-2024-6348)

Vulnerability from cvelistv5 – Published: 2024-08-19 15:12 – Updated: 2024-08-19 19:26
Title
Predictable seed generation after ECU reset
Summary
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Impacted products
Vendor: Nissan
Product: Altima
Version: Altima 2022 (status unknown)
Credits
Thomas Sermpinis

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6348",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-19T19:26:41.720231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-19T19:26:54.514Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Blind Spot Protection Sensor"
          ],
          "packageName": "ECU",
          "product": "Altima",
          "vendor": "Nissan",
          "versions": [
            {
              "status": "unknown",
              "version": "Altima 2022"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thomas Sermpinis"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests."
            }
          ],
          "value": "Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-112",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-112: Brute Force - An attacker can use brute force techniques to pre-calculate keys for the known seeds"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y/V:D/RE:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-19T15:12:25.216Z",
        "orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
        "shortName": "ASRG"
      },
      "references": [
        {
          "url": "https://asrg.io/security-advisories/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Predictable seed generation after ECU reset",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
    "assignerShortName": "ASRG",
    "cveId": "CVE-2024-6348",
    "datePublished": "2024-08-19T15:12:25.216Z",
    "dateReserved": "2024-06-26T10:31:26.483Z",
    "dateUpdated": "2024-08-19T19:26:54.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7659 (GCVE-0-2024-7659)

Vulnerability from cvelistv5 – Published: 2024-08-11 02:31 – Updated: 2024-08-13 17:15
Title
projectsend Password Reset Token functions.php generate_random_string random values
Summary
A vulnerability, which was classified as problematic, was found in projectsend up to r1605. The affected code is the function generate_random_string in the file includes/functions.php, part of the Password Reset Token Handler component. The manipulation leads to insufficiently random values. The attack can be launched remotely, but its complexity is rather high and exploitation is considered difficult. Upgrading to version r1720 addresses this issue. The patch is identified as commit aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17. It is recommended to upgrade the affected component.
CWE
  • CWE-330 - Insufficiently Random Values
Impacted products
Vendor: n/a
Product: projectsend
Version: r1605, affected
Credits
Casp3r0x0 (VulDB User)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7659",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T17:14:46.461957Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T17:15:00.214Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Password Reset Token Handler"
          ],
          "product": "projectsend",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "r1605"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Casp3r0x0 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, was found in projectsend up to r1605. Affected is the function generate_random_string of the file includes/functions.php of the component Password Reset Token Handler. The manipulation leads to insufficiently random values. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. Upgrading to version r1720 is able to address this issue. The name of the patch is aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17. It is recommended to upgrade the affected component."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in projectsend bis r1605 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist die Funktion generate_random_string der Datei includes/functions.php der Komponente Password Reset Token Handler. Durch das Manipulieren mit unbekannten Daten kann eine insufficiently random values-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Ein Aktualisieren auf die Version r1720 vermag dieses Problem zu l\u00f6sen. Der Patch wird als aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-11T02:31:04.263Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-274116 | projectsend Password Reset Token functions.php generate_random_string random values",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.274116"
        },
        {
          "name": "VDB-274116 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.274116"
        },
        {
          "name": "Submit #385004 | ProjectSend ProjectSend file sharing web application r1605  Authentication Bypass Issues",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.385004"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/projectsend/projectsend/commit/aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/projectsend/projectsend/releases/tag/r1720"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-10T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-08-10T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-08-10T10:05:11.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "projectsend Password Reset Token functions.php generate_random_string random values"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7659",
    "datePublished": "2024-08-11T02:31:04.263Z",
    "dateReserved": "2024-08-10T08:00:04.212Z",
    "dateUpdated": "2024-08-13T17:15:00.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-10671 (GCVE-0-2025-10671)

Vulnerability from cvelistv5 – Published: 2025-09-18 14:32 – Updated: 2025-09-19 17:10
Title
youth-is-as-pale-as-poetry e-learning JWT Token JwtUtils.java encryptSecret random values
Summary
A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. The affected code is the function encryptSecret in the file e-learning-master\exam-api\src\main\java\com\yf\exam\ability\shiro\jwt\JwtUtils.java, part of the JWT Token Handler component. The manipulation leads to insufficiently random values. The attack can be initiated remotely, but its complexity is rather high and exploitation is considered difficult. The exploit has been disclosed to the public and may be used.
CWE
  • CWE-330 - Insufficiently Random Values
  • CWE-310 - Cryptographic Issues
References
URL (tags)
https://vuldb.com/?id.324792 (vdb-entry, technical-description)
https://vuldb.com/?ctiid.324792 (signature, permissions-required)
https://vuldb.com/?submit.653029 (third-party-advisory)
https://github.com/SuJing-cy/CVE/blob/main/yfhl.md (exploit)
Credits
chen_yun_n (VulDB User)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10671",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-19T17:01:58.559280Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-19T17:10:06.866Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "JWT Token Handler"
          ],
          "product": "e-learning",
          "vendor": "youth-is-as-pale-as-poetry",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "chen_yun_n (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Impacted is the function encryptSecret of the file e-learning-master\\exam-api\\src\\main\\java\\com\\yf\\exam\\ability\\shiro\\jwt\\JwtUtils.java of the component JWT Token Handler. The manipulation leads to insufficiently random values. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in youth-is-as-pale-as-poetry e-learning 1.0 gefunden. Es betrifft die Funktion encryptSecret der Datei e-learning-master\\exam-api\\src\\main\\java\\com\\yf\\exam\\ability\\shiro\\jwt\\JwtUtils.java der Komponente JWT Token Handler. Mittels Manipulieren mit unbekannten Daten kann eine insufficiently random values-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Das Durchf\u00fchren eines Angriffs ist mit einer relativ hohen Komplexit\u00e4t verbunden. Das Ausnutzen gilt als schwierig. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-310",
              "description": "Cryptographic Issues",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-18T14:32:05.630Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-324792 | youth-is-as-pale-as-poetry e-learning JWT Token JwtUtils.java encryptSecret random values",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.324792"
        },
        {
          "name": "VDB-324792 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.324792"
        },
        {
          "name": "Submit #653029 | https://gitee.com/youth-is-as-pale-as-poetry/e-learning ExamSystem V1.0 Authentication Bypass Issues",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.653029"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/SuJing-cy/CVE/blob/main/yfhl.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-18T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-09-18T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-09-18T07:45:34.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "youth-is-as-pale-as-poetry e-learning JWT Token JwtUtils.java encryptSecret random values"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-10671",
    "datePublished": "2025-09-18T14:32:05.630Z",
    "dateReserved": "2025-09-18T05:40:30.834Z",
    "dateUpdated": "2025-09-19T17:10:06.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-10745 (GCVE-0-2025-10745)

Vulnerability from cvelistv5 – Published: 2025-09-26 03:25 – Updated: 2026-04-08 17:10
Title
Banhammer – Monitor Site Traffic, Block Bad Users and Bots <= 3.4.8 - Unauthenticated Protection Mechanism Bypass
Summary
The Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide “secret key” being deterministically generated from a constant character set using md5() and base64_encode() and then stored in the `banhammer_secret_key` option. This makes it possible for unauthenticated attackers to bypass the plugin’s logging and blocking by appending a GET parameter named `banhammer-process_{SECRET}` where `{SECRET}` is the predictable value, thereby causing Banhammer to abort its protections for that request.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Credits
Jonas Benjamin Friedli

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10745",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-26T19:32:14.193040Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T19:32:24.596Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Banhammer \u2013 Monitor Site Traffic, Block Bad Users and Bots",
          "vendor": "specialk",
          "versions": [
            {
              "lessThanOrEqual": "3.4.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jonas Benjamin Friedli"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Banhammer \u2013 Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide \u201csecret key\u201d being deterministically generated from a constant character set using md5() and base64_encode() and then stored in the `banhammer_secret_key` option. This makes it possible for unauthenticated attackers to bypass the plugin\u2019s logging and blocking by appending a GET parameter named `banhammer-process_{SECRET}` where `{SECRET}` is the predictable value, thereby causing Banhammer to abort its protections for that request."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:10:32.674Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/97c46a13-6981-426f-b24a-c9820657042f?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/banhammer/trunk/inc/banhammer-functions.php#L336"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/banhammer/trunk/inc/banhammer-core.php#L101"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3365979%40banhammer\u0026new=3365979%40banhammer\u0026sfp_email=\u0026sfph_mail="
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3365087%40banhammer\u0026new=3365087%40banhammer\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-19T20:59:34.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-09-25T14:27:24.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Banhammer \u2013 Monitor Site Traffic, Block Bad Users and Bots \u003c= 3.4.8 - Unauthenticated Protection Mechanism Bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-10745",
    "datePublished": "2025-09-26T03:25:34.436Z",
    "dateReserved": "2025-09-19T19:27:00.940Z",
    "dateUpdated": "2026-04-08T17:10:32.674Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-11707 (GCVE-0-2025-11707)

Vulnerability from cvelistv5 – Published: 2025-12-13 04:31 – Updated: 2026-04-08 17:11
Title
Login Lockdown & Protection <= 2.14 - IP Block Bypass
Summary
The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to the $unblock_key value being insufficiently random, which allows unauthenticated users with access to an administrative user's email address to generate valid unblock keys for their IP address. This makes it possible for unauthenticated attackers to bypass blocks imposed after invalid login attempts.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Impacted products
Vendor Product Version
webfactory Login Lockdown & Protection Affected: 0 , ≤ 2.14 (semver)
Credits
William Cooke

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11707",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T15:25:00.484125Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T15:33:35.841Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Login Lockdown \u0026 Protection",
          "vendor": "webfactory",
          "versions": [
            {
              "lessThanOrEqual": "2.14",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "William Cooke"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Login Lockdown \u0026 Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock_key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys for their IP Address. This makes it possible for unauthenticated attackers to bypass blocks due to invalid login attempts."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:11:26.978Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c732ea2-0263-4b18-9aa4-29e387b26362?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3389843%40login-lockdown\u0026new=3389843%40login-lockdown\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-12T15:27:33.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Login Lockdown \u0026 Protection \u003c= 2.14 - IP Block Bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-11707",
    "datePublished": "2025-12-13T04:31:30.625Z",
    "dateReserved": "2025-10-13T19:44:59.728Z",
    "dateUpdated": "2026-04-08T17:11:26.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-11723 (GCVE-0-2025-11723)

Vulnerability from cvelistv5 – Published: 2026-01-06 03:21 – Updated: 2026-04-08 17:13
Title
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.5 - Unauthenticated Sensitive Information Exposure
Summary
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Credits
Lucas Montes

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11723",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-06T14:19:09.718275Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-06T18:56:21.498Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin",
          "vendor": "croixhaug",
          "versions": [
            {
              "lessThanOrEqual": "1.6.9.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucas Montes"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it possible for unauthenticated attackers to generate a valid token across sites running the plugin that have not manually set a salt in the wp-config.php file and access booking information that will allow them to make modifications."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:13:22.766Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5f3fbd2-6152-4a89-8fe9-982120d1a640?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3393919/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-20T19:32:38.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2026-01-05T15:10:45.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin \u003c= 1.6.9.5 - Unauthenticated Sensitive Information Exposure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-11723",
    "datePublished": "2026-01-06T03:21:38.601Z",
    "dateReserved": "2025-10-13T20:37:05.956Z",
    "dateUpdated": "2026-04-08T17:13:22.766Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-12787 (GCVE-0-2025-12787)

Vulnerability from cvelistv5 – Published: 2025-11-11 11:03 – Updated: 2026-04-08 16:50
Title
Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings <= 1.1.27 - Unauthenticated Arbitrary Booking Cancellation via Weak Hash Generation
Summary
The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions up to, and including, 1.1.27. This is due to the plugin's "tfhb_meeting_form_submit_callback" function using insufficiently random values to generate booking cancellation tokens, combined with a globally shared nonce. This makes it possible for unauthenticated attackers to cancel arbitrary bookings via brute force attacks against the tfhb_meeting_form_cencel AJAX endpoint.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Credits
Ahmad Salem

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-12787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-14T15:24:03.918929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-14T15:29:36.323Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Hydra Booking \u2014 Appointment Scheduling \u0026 Booking Calendar",
          "vendor": "themefic",
          "versions": [
            {
              "lessThanOrEqual": "1.1.27",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ahmad Salem"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Hydra Booking \u2014 Appointment Scheduling \u0026 Booking Calendar plugin for WordPress is vulnerable to unauthorized booking cancellation in all versions up to, and including, 1.1.27. This is due to the plugin\u0027s \"tfhb_meeting_form_submit_callback\" function using insufficiently random values to generate booking cancellation tokens, combined with a globally shared nonce. This makes it possible for unauthenticated attackers to cancel arbitrary bookings via brute force attacks against the tfhb_meeting_form_cencel AJAX endpoint."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:50:23.131Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/490dd84f-7c03-43c7-b4e1-167fa2b15c03?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3392864/hydra-booking/tags/1.1.28/app/Shortcode/HydraBookingShortcode.php?old=3392467\u0026old_path=hydra-booking%2Ftags%2F1.1.27%2Fapp%2FShortcode%2FHydraBookingShortcode.php"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-28T00:00:00.000Z",
          "value": "Discovered"
        },
        {
          "lang": "en",
          "time": "2025-11-06T00:26:23.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-11-10T22:27:05.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Hydra Booking \u2013 All in One Appointment Booking System | Appointment Scheduling, Booking Calendar \u0026 WooCommerce Bookings \u003c= 1.1.27 - Unauthenticated Arbitrary Booking Cancellation via Weak Hash Generation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-12787",
    "datePublished": "2025-11-11T11:03:45.316Z",
    "dateReserved": "2025-11-05T23:23:11.777Z",
    "dateUpdated": "2026-04-08T16:50:23.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-13353 (GCVE-0-2025-13353)

Vulnerability from cvelistv5 – Published: 2025-12-02 11:03 – Updated: 2025-12-02 16:54
Title
gokey allows secret recovery from a seed file without the master password
Summary
In gokey versions <0.2.0, a flaw in the seed decryption logic resulted in passwords incorrectly being derived solely from the initial vector and the AES-GCM authentication tag of the key seed.

This issue has been fixed in gokey version 0.2.0. This is a breaking change. The fix has invalidated any passwords/secrets that were derived from the seed file (using the -s option). Even if the input seed file stays the same, version 0.2.0 gokey will generate different secrets.

Impact
This vulnerability impacts generated keys/secrets using a seed file as an entropy input (using the -s option). Keys/secrets generated just from the master password (without the -s option) are not impacted. The confidentiality of the seed itself is also not impacted (it is not required to regenerate the seed itself). Specific impact includes:
  • keys/secrets generated from a seed file may have lower entropy: it was expected that the whole seed would be used to generate keys (240 bytes of entropy input), where in vulnerable versions only 28 bytes was used
  • a malicious entity could have recovered all passwords, generated from a particular seed, having only the seed file in possession without the knowledge of the seed master password

Patches
The code logic bug has been fixed in gokey version 0.2.0 and above. Due to the deterministic nature of gokey, fixed versions will produce different passwords/secrets using seed files, as all seed entropy will be used now.

System secret rotation guidance
It is advised for users to regenerate passwords/secrets using the patched version of gokey (0.2.0 and above), and provision/rotate these secrets into respective systems in place of the old secret. A specific rotation procedure is system-dependent, but most common patterns are described below.

Systems that do not require the old password/secret for rotation
Such systems usually have a "Forgot password" facility or a similar facility allowing users to rotate their password/secrets by sending a unique "magic" link to the user's email or phone. In such cases users are advised to use this facility and input the newly generated password secret, when prompted by the system.

Systems that require the old password/secret for rotation
Such systems usually have a modal password rotation window usually in the user settings section requiring the user to input the old and the new password sometimes with a confirmation. To generate/recover the old password in such cases users are advised to:
  • temporarily download gokey version 0.1.3 (https://github.com/cloudflare/gokey/releases/tag/v0.1.3) for their respective operating system to recover the old password
  • use gokey version 0.2.0 or above to generate the new password
  • populate the system provided password rotation form

Systems that allow multiple credentials for the same account to be provisioned
Such systems usually require a secret or a cryptographic key as a credential for access, but allow several credentials at the same time. One example is SSH: a particular user may have several authorized public keys configured on the SSH server for access. For such systems users are advised to:
  • generate a new secret/key/credential using gokey version 0.2.0 or above
  • provision the new secret/key/credential in addition to the existing credential on the system
  • verify that the access or required system operation is still possible with the new secret/key/credential
  • revoke authorization for the existing/old credential from the system

Credit
This vulnerability was found by Théo Cusnir (@mister_mime, https://hackerone.com/mister_mime) and responsibly disclosed through Cloudflare's bug bounty program.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Vendor Product Version
Cloudflare gokey Affected: 0.1.0 , < 0.2.0 (semver)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13353",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-02T16:50:27.674442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-02T16:54:23.544Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "github.com/cloudflare/gokey",
          "product": "gokey",
          "repo": "https://github.com/cloudflare/gokey",
          "vendor": "Cloudflare",
          "versions": [
            {
              "lessThan": "0.2.0",
              "status": "affected",
              "version": "0.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\n  \u003cdiv\u003e\n    \u003cp\u003eIn gokey versions \u003ccode\u003e\u0026lt;0.2.0\u003c/code\u003e,\n a flaw in the seed decryption logic resulted in passwords incorrectly \nbeing derived solely from the initial vector and the AES-GCM \nauthentication tag of the key seed.\u003c/p\u003e\n\u003cp\u003eThis issue has been fixed in gokey version \u003ccode\u003e0.2.0\u003c/code\u003e. This is a breaking change. The fix has invalidated any passwords/secrets that were derived from the seed file (using the \u003ccode\u003e-s\u003c/code\u003e option). Even if the input seed file stays the same, version \u003ccode\u003e0.2.0\u003c/code\u003e gokey will generate different secrets.\u003c/p\u003e\n\u003ch3\u003eImpact\u003c/h3\u003e\n\u003cp\u003eThis vulnerability impacts generated keys/secrets using a seed file as an entropy input (using the \u003ccode\u003e-s\u003c/code\u003e option). Keys/secrets generated just from the master password (without the \u003ccode\u003e-s\u003c/code\u003e\n option) are not impacted. The confidentiality of the seed itself is \nalso not impacted (it is not required to regenerate the seed itself). \nSpecific impact includes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ekeys/secrets generated from a seed file may have lower entropy: it \nwas expected that the whole seed would be used to generate keys (240 \nbytes of entropy input), where in vulnerable versions only 28 bytes was \nused\u003c/li\u003e\n\u003cli\u003ea malicious entity could have recovered all passwords, generated \nfrom a particular seed, having only the seed file in possession without \nthe knowledge of the seed master password\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatches\u003c/h3\u003e\n\u003cp\u003eThe code logic bug has been fixed in gokey version \u003ccode\u003e0.2.0\u003c/code\u003e\n and above. Due to the deterministic nature of gokey, fixed versions \nwill produce different passwords/secrets using seed files, as all seed \nentropy will be used now.\u003c/p\u003e\n\u003ch3\u003eSystem secret rotation guidance\u003c/h3\u003e\n\u003cp\u003eIt is advised for users to regenerate passwords/secrets using the patched version of gokey (\u003ccode\u003e0.2.0\u003c/code\u003e\n and above), and provision/rotate these secrets into respective systems \nin place of the old secret. A specific rotation procedure is \nsystem-dependent, but most common patterns are described below.\u003c/p\u003e\n\u003ch4\u003eSystems that do not require the old password/secret for rotation\u003c/h4\u003e\n\u003cp\u003eSuch systems usually have a \"Forgot password\" facility or a\n similar facility allowing users to rotate their password/secrets by \nsending a unique \"magic\" link to the user\u0027s email or phone. In such \ncases users are advised to use this facility and input the newly \ngenerated password secret, when prompted by the system.\u003c/p\u003e\n\u003ch4\u003eSystems that require the old password/secret for rotation\u003c/h4\u003e\n\u003cp\u003eSuch systems usually have a modal password rotation window\n usually in the user settings section requiring the user to input the \nold and the new password sometimes with a confirmation. To \ngenerate/recover the old password in such cases users are advised to:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003etemporarily download \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/cloudflare/gokey/releases/tag/v0.1.3\"\u003egokey version \u003ccode\u003e0.1.3\u003c/code\u003e\u003c/a\u003e for their respective operating system to recover the old password\u003c/li\u003e\n\u003cli\u003euse gokey version \u003ccode\u003e0.2.0\u003c/code\u003e or above to generate the new password\u003c/li\u003e\n\u003cli\u003epopulate the system provided password rotation form\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eSystems that allow multiple credentials for the same account to be provisioned\u003c/h4\u003e\n\u003cp\u003eSuch systems usually require a secret or a cryptographic \nkey as a credential for access, but allow several credentials at the \nsame time. One example is SSH: a particular user may have several \nauthorized public keys configured on the SSH server for access. For such\n systems users are advised to:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003egenerate a new secret/key/credential using gokey version \u003ccode\u003e0.2.0\u003c/code\u003e or above\u003c/li\u003e\n\u003cli\u003eprovision the new secret/key/credential in addition to the existing credential on the system\u003c/li\u003e\n\u003cli\u003everify that the access or required system operation is still possible with the new secret/key/credential\u003c/li\u003e\n\u003cli\u003erevoke authorization for the existing/old credential from the system\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCredit\u003c/h3\u003e\n\u003cp\u003eThis vulnerability was found by Th\u00e9o Cusnir (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://hackerone.com/mister_mime?type=user\"\u003e@mister_mime\u003c/a\u003e) and responsibly disclosed through Cloudflare\u0027s bug bounty program.\u003c/p\u003e\n  \u003c/div\u003e\n\u003c/div\u003e\u003cbr\u003e"
            }
          ],
          "value": "In gokey versions \u003c0.2.0,\n a flaw in the seed decryption logic resulted in passwords incorrectly \nbeing derived solely from the initial vector and the AES-GCM \nauthentication tag of the key seed.\n\n\nThis issue has been fixed in gokey version 0.2.0. This is a breaking change. The fix has invalidated any passwords/secrets that were derived from the seed file (using the -s option). Even if the input seed file stays the same, version 0.2.0 gokey will generate different secrets.\n\n\nImpact\nThis vulnerability impacts generated keys/secrets using a seed file as an entropy input (using the -s option). Keys/secrets generated just from the master password (without the -s\n option) are not impacted. The confidentiality of the seed itself is \nalso not impacted (it is not required to regenerate the seed itself). \nSpecific impact includes:\n\n\n\n  *  keys/secrets generated from a seed file may have lower entropy: it \nwas expected that the whole seed would be used to generate keys (240 \nbytes of entropy input), where in vulnerable versions only 28 bytes was \nused\n\n  *  a malicious entity could have recovered all passwords, generated \nfrom a particular seed, having only the seed file in possession without \nthe knowledge of the seed master password\n\n\n\n\nPatches\nThe code logic bug has been fixed in gokey version 0.2.0\n and above. Due to the deterministic nature of gokey, fixed versions \nwill produce different passwords/secrets using seed files, as all seed \nentropy will be used now.\n\n\nSystem secret rotation guidance\nIt is advised for users to regenerate passwords/secrets using the patched version of gokey (0.2.0\n and above), and provision/rotate these secrets into respective systems \nin place of the old secret. A specific rotation procedure is \nsystem-dependent, but most common patterns are described below.\n\n\nSystems that do not require the old password/secret for rotation\nSuch systems usually have a \"Forgot password\" facility or a\n similar facility allowing users to rotate their password/secrets by \nsending a unique \"magic\" link to the user\u0027s email or phone. In such \ncases users are advised to use this facility and input the newly \ngenerated password secret, when prompted by the system.\n\n\nSystems that require the old password/secret for rotation\nSuch systems usually have a modal password rotation window\n usually in the user settings section requiring the user to input the \nold and the new password sometimes with a confirmation. To \ngenerate/recover the old password in such cases users are advised to:\n\n\n\n  *  temporarily download  gokey version 0.1.3 https://github.com/cloudflare/gokey/releases/tag/v0.1.3  for their respective operating system to recover the old password\n\n  *  use gokey version 0.2.0 or above to generate the new password\n\n  *  populate the system provided password rotation form\n\n\n\n\nSystems that allow multiple credentials for the same account to be provisioned\nSuch systems usually require a secret or a cryptographic \nkey as a credential for access, but allow several credentials at the \nsame time. One example is SSH: a particular user may have several \nauthorized public keys configured on the SSH server for access. For such\n systems users are advised to:\n\n\n\n  *  generate a new secret/key/credential using gokey version 0.2.0 or above\n\n  *  provision the new secret/key/credential in addition to the existing credential on the system\n\n  *  verify that the access or required system operation is still possible with the new secret/key/credential\n\n  *  revoke authorization for the existing/old credential from the system\n\n\n\n\nCredit\nThis vulnerability was found by Th\u00e9o Cusnir ( @mister_mime https://hackerone.com/mister_mime ) and responsibly disclosed through Cloudflare\u0027s bug bounty program."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-02T11:03:21.832Z",
        "orgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
        "shortName": "cloudflare"
      },
      "references": [
        {
          "url": "https://github.com/cloudflare/gokey/security/advisories/GHSA-69jw-4jj8-fcxm"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "gokey allows secret recovery from a seed file without the master password",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a22f1246-ba21-4bb4-a601-ad51614c1513",
    "assignerShortName": "cloudflare",
    "cveId": "CVE-2025-13353",
    "datePublished": "2025-12-02T11:03:21.832Z",
    "dateReserved": "2025-11-18T11:21:27.669Z",
    "dateUpdated": "2025-12-02T16:54:23.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-13470 (GCVE-0-2025-13470)

Vulnerability from cvelistv5 – Published: 2025-11-21 17:05 – Updated: 2025-11-21 17:35
Title
RNP 0.18.0 Vulnerable PKESK session keys
Summary
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release can be decrypted trivially by supplying an all-zero session key, fully compromising confidentiality. The vulnerability affects only public key encryption (PKESK packets). Passphrase-based encryption (SKESK packets) is not affected. Root cause: Vulnerable session key buffer used in PKESK packet generation. The defect was introduced in commit `7bd9a8dc356aae756b40755be76d36205b6b161a` where initialization logic inside `encrypted_build_skesk()` only randomized the key for the SKESK path and omitted it for the PKESK path.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Vendor Product Version
Ribose RNP Affected: 0.18.0
Date Public
2025-11-21 00:00
Credits
Johannes Roth (MTG AG)

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13470",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-21T17:35:25.938705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-21T17:35:33.645Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "RNP",
          "repo": "https://github.com/rnpgp/rnp",
          "vendor": "Ribose",
          "versions": [
            {
              "status": "affected",
              "version": "0.18.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Johannes Roth (MTG AG)"
        }
      ],
      "datePublic": "2025-11-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cp\u003eIn RNP version 0.18.0 a refactoring regression causes the symmetric \nsession key used for Public-Key Encrypted Session Key (PKESK) packets to\n be left uninitialized except for zeroing, resulting in it always being \nan all-zero byte array.\u003c/p\u003e\u003cp\u003eAny data encrypted using public-key encryption \nin this release can be decrypted trivially by supplying an all-zero \nsession key, fully compromising confidentiality.\u003cbr\u003e\u003cbr\u003eThe vulnerability affects only public key encryption (PKESK packets).\u0026nbsp; Passphrase-based encryption (SKESK packets) is not affected.\u003cbr\u003e\u003cbr\u003eRoot cause: Vulnerable session key buffer used in PKESK packet generation.\u003cbr\u003e\u003c/p\u003e\n\u003cp\u003eThe defect was introduced in commit `7bd9a8dc356aae756b40755be76d36205b6b161a` where initialization \nlogic inside `encrypted_build_skesk()` only randomized the key for the \nSKESK path and omitted it for the PKESK path.\u003c/p\u003e\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "In RNP version 0.18.0 a refactoring regression causes the symmetric \nsession key used for Public-Key Encrypted Session Key (PKESK) packets to\n be left uninitialized except for zeroing, resulting in it always being \nan all-zero byte array.\n\nAny data encrypted using public-key encryption \nin this release can be decrypted trivially by supplying an all-zero \nsession key, fully compromising confidentiality.\n\nThe vulnerability affects only public key encryption (PKESK packets).\u00a0 Passphrase-based encryption (SKESK packets) is not affected.\n\nRoot cause: Vulnerable session key buffer used in PKESK packet generation.\n\n\n\nThe defect was introduced in commit `7bd9a8dc356aae756b40755be76d36205b6b161a` where initialization \nlogic inside `encrypted_build_skesk()` only randomized the key for the \nSKESK path and omitted it for the PKESK path."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cul\u003e\u003cli\u003eDecryption succeeds for affected ciphertext using an all-zero session key.\u003c/li\u003e\u003cli\u003eAttack requires only possession of the ciphertext.\u003c/li\u003e\u003cli\u003ePrivate keys are not exposed.\u0026nbsp; Vulnerability is limited to session key generation path.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "*  Decryption succeeds for affected ciphertext using an all-zero session key.\n  *  Attack requires only possession of the ciphertext.\n  *  Private keys are not exposed.\u00a0 Vulnerability is limited to session key generation path."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Confidentiality issue for PKESK-encrypted data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "PROOF_OF_CONCEPT",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/AU:Y/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-21T17:17:44.765Z",
        "orgId": "6504adb2-f5e9-4c9b-9eda-5e19c93bd9b3",
        "shortName": "Ribose"
      },
      "references": [
        {
          "name": "Introducing commit",
          "tags": [
            "related"
          ],
          "url": "https://github.com/rnpgp/rnp/commit/7bd9a8dc356aae756b40755be76d36205b6b161a"
        },
        {
          "name": "Ubuntu package",
          "tags": [
            "x_downstream-package"
          ],
          "url": "https://launchpad.net/ubuntu/+source/rnp"
        },
        {
          "name": "Arch Linux AUR package",
          "tags": [
            "x_downstream-package"
          ],
          "url": "https://aur.archlinux.org/packages/rnp"
        },
        {
          "name": "Bugzilla report (may become public)",
          "tags": [
            "x_downstream_package"
          ],
          "url": "https://packages.gentoo.org/packages/dev-util/librnp"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415863"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2025-13402"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://open.ribose.com/advisories/ra-2025-11-20/"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://github.com/rnpgp/rnp/releases/tag/v0.18.1"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cb\u003eFor standalone RNP users:\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eUpgrade to RNP 0.18.1 when available.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eFor distributions that have packaged 0.18.0:\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003ePlease update to 0.18.1 when released, or consider providing 0.17.1 as an\u003cbr\u003einterim option.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eFor Thunderbird packages using system RNP:\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eIf your Thunderbird package is built with system RNP support and RNP 0.18.0 is installed, update RNP to 0.18.1 or 0.17.1. Consider whether Thunderbird should continue using system RNP or switch to bundled RNP.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eFor all other users:\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eUsers who encrypted sensitive data using RNP 0.18.0 (standalone or via Thunderbird with system RNP 0.18.0) should re-encrypt that data with RNP 0.18.1 or 0.17.1 based on their security requirements.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "For standalone RNP users:\n\n\nUpgrade to RNP 0.18.1 when available.\n\nFor distributions that have packaged 0.18.0:\n\n\nPlease update to 0.18.1 when released, or consider providing 0.17.1 as an\ninterim option.\n\nFor Thunderbird packages using system RNP:\n\n\nIf your Thunderbird package is built with system RNP support and RNP 0.18.0 is installed, update RNP to 0.18.1 or 0.17.1. Consider whether Thunderbird should continue using system RNP or switch to bundled RNP.\n\nFor all other users:\n\n\nUsers who encrypted sensitive data using RNP 0.18.0 (standalone or via Thunderbird with system RNP 0.18.0) should re-encrypt that data with RNP 0.18.1 or 0.17.1 based on their security requirements."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-19T00:00:00.000Z",
          "value": "RNP 0.18.0 released (vulnerability introduced)."
        },
        {
          "lang": "en",
          "time": "2025-11-07T00:00:00.000Z",
          "value": "Vulnerability discovered and reported by Johannes Roth (MTG AG)."
        },
        {
          "lang": "en",
          "time": "2025-11-19T00:00:00.000Z",
          "value": "CVE-2025-13402 assigned by Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-11-20T00:00:00.000Z",
          "value": "CVE-2025-13470 assigned by Ribose/MITRE."
        },
        {
          "lang": "en",
          "time": "2025-11-20T00:00:00.000Z",
          "value": "Fix developed and tested."
        },
        {
          "lang": "en",
          "time": "2025-11-21T00:00:00.000Z",
          "value": "Planned release date for RNP 0.18.1."
        },
        {
          "lang": "en",
          "time": "2025-11-21T00:00:00.000Z",
          "value": "Public disclosure (same day as release)."
        }
      ],
      "title": "RNP 0.18.0 Vulnerable PKESK session keys",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No workaround.\u0026nbsp; All PKESK-encrypted ciphertext produced with 0.18.0 is compromised.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "No workaround.\u00a0 All PKESK-encrypted ciphertext produced with 0.18.0 is compromised."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6504adb2-f5e9-4c9b-9eda-5e19c93bd9b3",
    "assignerShortName": "Ribose",
    "cveId": "CVE-2025-13470",
    "datePublished": "2025-11-21T17:05:15.683Z",
    "dateReserved": "2025-11-20T08:36:59.270Z",
    "dateUpdated": "2025-11-21T17:35:33.645Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation

Phase: Architecture and Design

Description:

  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation

Phase: Implementation

Description:

  • Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation ID: MIT-2

Phases: Architecture and Design, Requirements

Strategy: Libraries or Frameworks

Description:

  • Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-485: Signature Spoofing by Key Recreation

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
