CWE-334 - Small Space of Random Values
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Small Space of Random Values
Description
The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.
Common Consequences
Scope: Access Control, Other
Impact: Bypass Protection Mechanism, Other
Notes: An attacker could easily guess the values used. This could lead to unauthorized access to a system if the seed is used for authentication and authorization.