Cryptographic Issues
CVE-2013-4347
Summary
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 before version 1.9rc1 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
- MEDIUM
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
CWE-310 - Cryptographic Issues
Cryptographic issues is a category of weaknesses related to the design and implementation of the confidentiality and integrity of data. If not addressed, the weaknesses in this category can lead to data quality degradation.
References
Advisory Timeline
- Published