About GET A DEMO

Backslash Vulnerability Database

Small Space of Random Values

Small Space of Random Values

CWE-334

CVSS severity (NVD, All Time)

Short description

The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.

Best practices to prevent this CWE

Phase: Architecture and Design; Requirements

Strategy: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

Recently published CVEs

CVE-2020-7566

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

© 2023 Backslash. 28 HaArba'a St., Tel-Aviv Privacy Policy | Terms of Use