Improper Initialization of PRNG in IBM Worklight and Mobile Foundation

Improper Initialization of PRNG in IBM Worklight and Mobile Foundation

CVE-2013-5391 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128.

Learn more about our Cis Benchmark Audit For Google Android.