PT-2014-3402 · Openssl+1 · Openssl+1
Alexander Dymo
+1
·
Publicado
2014-04-29
·
Atualizado
2014-04-30
·
CVE-2013-7373
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 4.4
Description
The issue arises from the improper seeding of the OpenSSL PRNG in Android, making it easier for attackers to defeat cryptographic protection mechanisms. This is particularly concerning when the PRNG is used within multiple applications.
Recommendations
For Android versions prior to 4.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Openssl