Lucene search
HistoryDec 01, 2007 - 6:46 a.m.
CVE-2007-5502
cve-2007-5502
openssl
fips
prng
vulnerability
nvd
randomness
auto-seeding
self-test
6.5 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openssl:fips_object_module | openssl fips object module | eq | 1.1.1 |
Related
f5
f5
SOL8331 - OpenSSL FIPS Object Module 1.1 vulnerability - CVE-2007-5502
2008-01-28 00:00:00
K8331 : OpenSSL FIPS Object Module 1.1 vulnerability - CVE-2007-5502
2013-03-19 00:00:00
cvelist
cvelist
CVE-2007-5502
2007-12-01 02:00:00
ubuntucve
ubuntucve
CVE-2007-5502
2007-12-01 00:00:00
cert
cert
OpenSSL FIPS Object Module fails to properly generate random seeds
2008-01-03 00:00:00
prion
prion
Design/Logic Flaw
2007-12-01 06:46:00
openssl
openssl
Vulnerability in OpenSSL CVE-2007-5502
2007-11-29 00:00:00
6.5 Medium
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
Related for CVE-2007-5502