Vulnerability in IBM Worklight and Mobile Foundation due to PRNG Initialization Issues
CVE-2013-5391
5.3MEDIUM
Summary
The vulnerability arises from improper initialization of the pseudo random number generator (PRNG) in both the Android environment and the Java Cryptography Architecture (JCA) utilized in IBM Worklight and Mobile Foundation. This flaw can allow attackers to bypass cryptographic safeguards, making it easier for them to exploit applications using these platforms. Updates are recommended to mitigate the risks associated with these vulnerabilities.
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved