CWE-337
Overview
- CWE ID
- 337
- CWE Name
- Predictable Seed in Pseudo-Random Number Generator (PRNG)
- CWE Abstraction
- Variant
- CWE structure
- Simple
- CWE Status
- Draft
Description
A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
Extended Description
The use of predictable seeds significantly reduces the number of possible seeds that an attacker would need to test in order to predict which random numbers will be generated by the PRNG.
Related CWEs
| CWE ID | View ID | Nature | Ordinal |
|---|---|---|---|
| 335 | 1000 | ChildOf | Primary |