CVE-2017-9371

MEDIUM Year: 2017
CVSS v3 Score
5.9
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-332
View all →

Vulnerability Description

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.

Related Vulnerabilities

CVE-2023-20107

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Def...

CWE-3322023

CVE-2017-18486

HIGH
CVSS:7.2(High)

Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset ...

CWE-3322017

CVE-2014-9690

HIGH
CVSS:7.5(High)

Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking vulnerability of the WPS protocol because the random number generator...

CWE-3322014

CVE-2016-10743

HIGH
CVSS:7.5(High)

hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.

CWE-3322016

CVE-2016-9154

HIGH
CVSS:7.5(High)

Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D (All firmware versions < V6.00.046) and Desigo PX Web modul...

CWE-3322016

CVE-2019-1715

HIGH
CVSS:7.5(High)

A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threa...

CWE-3322019