CVE-2013-5391

Name of the Vulnerable Software and Affected Versions IBM Worklight Consumer and Enterprise Editions versions 5.0.x through 5.0.5 and versions 6.0.x through 6.0.0 before Fix Pack 2 IBM Mobile Foundation Consumer and Enterprise Editions versions 5.0.x through 5.0.5 and version 6.0.0 before Fix Pack 2

Description The issue makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program.

Recommendations For IBM Worklight Consumer and Enterprise Editions versions 5.0.x through 5.0.5, update to version 5.0.6 Fix Pack 2 or later. For IBM Worklight Consumer and Enterprise Editions versions 6.0.x through 6.0.0 before Fix Pack 2, update to version 6.0.0 Fix Pack 2 or later. For IBM Mobile Foundation Consumer and Enterprise Editions versions 5.0.x through 5.0.5, update to version 5.0.6 Fix Pack 2 or later. For IBM Mobile Foundation Consumer and Enterprise Editions version 6.0.0 before Fix Pack 2, update to version 6.0.0 Fix Pack 2 or later.