nvd-json-data-feeds/CVE-2024/CVE-2024-537xx/CVE-2024-53702.json

{
  "id": "CVE-2024-53702",
  "sourceIdentifier": "PSIRT@sonicwall.com",
  "published": "2024-12-05T14:15:21.880",
  "lastModified": "2024-12-05T16:15:26.077",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret."
    },
    {
      "lang": "es",
      "value": "Uso de una vulnerabilidad de generador de n\u00fameros pseudoaleatorios (PRNG) criptogr\u00e1ficamente d\u00e9bil en el generador de c\u00f3digo de respaldo SSLVPN SMA100 de SonicWall que, en ciertos casos, puede ser predicho por un atacante, exponiendo potencialmente el secreto generado."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "PSIRT@sonicwall.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-338"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018",
      "source": "PSIRT@sonicwall.com"
    }
  ]
}