Generation of Predictable Numbers or Identifiers

CVE-2024-28957

Medium

5.3/10

Summary

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: LOW

CWE-340 - Generation of Predictable Numbers or Identifiers

The product uses a scheme that generates numbers or identifiers that are more predictable than required.

References

Advisory Timeline

Published Apr 15, 2024

Generation of Predictable Numbers or Identifiers

CVE-2024-28957

Summary

CWE-340 - Generation of Predictable Numbers or Identifiers

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS