CWE-1414: Comprehensive Categorization: Randomness
ID
CWE-1414
Status
Incomplete
Weaknesses in this category are related to randomness.
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-6 | J2EE Misconfiguration: Insufficient Session-ID Length | Variant | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-323 | Reusing a Nonce, Key Pair in Encryption | Base | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-329 | Generation of Predictable IV with CBC Mode | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-330 | Use of Insufficiently Random Values | Class | Simple | Stable | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-331 | Insufficient Entropy | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-332 | Insufficient Entropy in PRNG | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-333 | Improper Handling of Insufficient Entropy in TRNG | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-334 | Small Space of Random Values | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-336 | Same Seed in Pseudo-Random Number Generator (PRNG) | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-339 | Small Seed Space in PRNG | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-340 | Generation of Predictable Numbers or Identifiers | Class | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-341 | Predictable from Observable State | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-342 | Predictable Exact Value from Previous Values | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-343 | Predictable Value Range from Previous Values | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-344 | Use of Invariant Value in Dynamically Changing Context | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-1204 | Generation of Weak Initialization Vector (IV) | Base | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-1241 | Use of Predictable Algorithm in Random Number Generator | Base | Simple | Draft | |
Loading...