CVE-2013-5391

IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
ibmworklight
5.0.0.0
ibmworklight
5.0.0.0
ibmworklight
5.0.5.0
ibmworklight
5.0.5.0
ibmworklight
5.0.6.0
ibmworklight
5.0.6.0
ibmworklight
6.0.0.0
ibmworklight
6.0.0.0
ibmmobile_foundation
5.0.0.0
ibmmobile_foundation
5.0.0.0
ibmmobile_foundation
5.0.5.0
ibmmobile_foundation
5.0.5.0
ibmmobile_foundation
5.0.6.0
ibmmobile_foundation
5.0.6.0
ibmmobile_foundation
6.0.0.0
ibmmobile_foundation
6.0.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21665731
https://exchange.xforce.ibmcloud.com/vulnerabilities/87128
http://www-01.ibm.com/support/docview.wss?uid=swg21665731
https://exchange.xforce.ibmcloud.com/vulnerabilities/87128