6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
The NAAS API keys are generated using an insecure pseudo-random string and hashing algorithm, which may lead to predictable keys. (CVE-2021-23020)
Impact
Local attackers are able to potentially generate a valid user key.