Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.8%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2013-7372
  • Apache » Harmony » Version: 6.0
    cpe:2.3:a:apache:harmony:6.0
  • Google » Android » Version: N/A
    cpe:2.3:o:google:android:-
  • Google » Android » Version: 1.0
    cpe:2.3:o:google:android:1.0
  • Google » Android » Version: 1.1
    cpe:2.3:o:google:android:1.1
  • Google » Android » Version: 1.5
    cpe:2.3:o:google:android:1.5
  • Google » Android » Version: 1.6
    cpe:2.3:o:google:android:1.6
  • Google » Android » Version: 2.0
    cpe:2.3:o:google:android:2.0
  • Google » Android » Version: 2.0.1
    cpe:2.3:o:google:android:2.0.1
  • Google » Android » Version: 2.0.3
    cpe:2.3:o:google:android:2.0.3
  • Google » Android » Version: 2.1
    cpe:2.3:o:google:android:2.1
  • Google » Android » Version: 2.2
    cpe:2.3:o:google:android:2.2
  • Google » Android » Version: 2.2.1
    cpe:2.3:o:google:android:2.2.1
  • Google » Android » Version: 2.2.2
    cpe:2.3:o:google:android:2.2.2
  • Google » Android » Version: 2.2.3
    cpe:2.3:o:google:android:2.2.3
  • Google » Android » Version: 2.3
    cpe:2.3:o:google:android:2.3
  • Google » Android » Version: 2.3.1
    cpe:2.3:o:google:android:2.3.1
  • Google » Android » Version: 2.3.2
    cpe:2.3:o:google:android:2.3.2
  • Google » Android » Version: 2.3.3
    cpe:2.3:o:google:android:2.3.3
  • Google » Android » Version: 2.3.4
    cpe:2.3:o:google:android:2.3.4
  • Google » Android » Version: 2.3.5
    cpe:2.3:o:google:android:2.3.5
  • Google » Android » Version: 2.3.6
    cpe:2.3:o:google:android:2.3.6
  • Google » Android » Version: 2.3.7
    cpe:2.3:o:google:android:2.3.7
  • Google » Android » Version: 3.0
    cpe:2.3:o:google:android:3.0
  • Google » Android » Version: 3.1
    cpe:2.3:o:google:android:3.1
  • Google » Android » Version: 3.2
    cpe:2.3:o:google:android:3.2
  • Google » Android » Version: 3.2.1
    cpe:2.3:o:google:android:3.2.1
  • Google » Android » Version: 3.2.2
    cpe:2.3:o:google:android:3.2.2
  • Google » Android » Version: 3.2.4
    cpe:2.3:o:google:android:3.2.4
  • Google » Android » Version: 3.2.6
    cpe:2.3:o:google:android:3.2.6
  • Google » Android » Version: 4.0
    cpe:2.3:o:google:android:4.0
  • Google » Android » Version: 4.0.1
    cpe:2.3:o:google:android:4.0.1
  • Google » Android » Version: 4.0.2
    cpe:2.3:o:google:android:4.0.2
  • Google » Android » Version: 4.0.3
    cpe:2.3:o:google:android:4.0.3
  • Google » Android » Version: 4.0.4
    cpe:2.3:o:google:android:4.0.4
  • Google » Android » Version: 4.1
    cpe:2.3:o:google:android:4.1
  • Google » Android » Version: 4.1.1
    cpe:2.3:o:google:android:4.1.1
  • Google » Android » Version: 4.1.2
    cpe:2.3:o:google:android:4.1.2
  • Google » Android » Version: 4.2
    cpe:2.3:o:google:android:4.2
  • Google » Android » Version: 4.2.1
    cpe:2.3:o:google:android:4.2.1
  • Google » Android » Version: 4.2.2
    cpe:2.3:o:google:android:4.2.2
  • Google » Android » Version: 4.3
    cpe:2.3:o:google:android:4.3
  • Google » Android » Version: 4.3.1
    cpe:2.3:o:google:android:4.3.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved