Insufficient Entropy

CVE-2020-29505

High

7.1/10

Summary

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-331 - Insufficient Entropy

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

References

Advisory Timeline

Published Jul 11, 2022

Insufficient Entropy

CVE-2020-29505

Summary

CWE-331 - Insufficient Entropy

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS