CVE-2013-5391
Summary
| CVE | CVE-2013-5391 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-27 16:29:00 UTC |
| Updated | 2018-06-04 16:23:00 UTC |
| Description | IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128. |
Risk And Classification
Problem Types: CWE-310
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Mobile Foundation | 5.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.5.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.5.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.6.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.6.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 6.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 6.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.5.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.5.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.6.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 5.0.6.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 6.0.0.0 | All | All | All |
| Application | Ibm | Mobile Foundation | 6.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.5.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.5.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.6.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.6.0 | All | All | All |
| Application | Ibm | Worklight | 6.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 6.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.5.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.5.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.6.0 | All | All | All |
| Application | Ibm | Worklight | 5.0.6.0 | All | All | All |
| Application | Ibm | Worklight | 6.0.0.0 | All | All | All |
| Application | Ibm | Worklight | 6.0.0.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Bulletin: IBM Worklight Android Pseudo Random Number Generator Weakness (CVE-2013-5391) | CONFIRM | www-01.ibm.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.