Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-3538
HistoryJun 02, 2021 - 2:15 p.m.

CVE-2021-3538

2021-06-0214:15:00
CWE-338
[email protected]
web.nvd.nist.gov
45
2
cve-2021-3538
flaw
github
satori
uuid
insecure randomness
predictable
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.1%

JSON

A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.

Social References

More

Related

github 1
osv 4
prion 1
veracode 1
debiancve 1
redhatcve 1
ubuntucve 1
ibm 3
github
github
Predictable SIF UUID Identifiers
2023-02-07 22:57:53
osv
osv
Predictable SIF UUID Identifiers
2023-02-07 22:57:53
GO-2020-0018
2021-04-14 20:04:52
Insufficient randomness in UUIDs in github.com/satori/go.uuid
2022-07-15 23:06:26
prion
prion
Design/Logic Flaw
2021-06-02 14:15:00
veracode
veracode
Insecure Random Number Generator
2021-06-03 07:27:34
debiancve
debiancve
CVE-2021-3538
2021-06-02 14:15:00
redhatcve
redhatcve
CVE-2021-3538
2021-05-05 19:49:33
ubuntucve
ubuntucve
CVE-2021-3538
2021-06-02 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities (CVE-2021-3538, CVE-2021-33502, CVE-2021-3450, CVE-2021-3449)
2021-10-06 12:30:35
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-04-24 19:15:42
Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data
2022-06-29 17:05:30

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.1%

JSON
Related for CVE-2021-3538
github1osv4prion1veracode1debiancve1redhatcve1ubuntucve1ibm3