Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-7373

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.

Published

2014-04-29T20:55:09.013

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System google android ≤ 4.3.1 Yes
Operating System google android 1.0 Yes
Operating System google android 1.1 Yes
Operating System google android 1.5 Yes
Operating System google android 1.6 Yes
Operating System google android 2.0 Yes
Operating System google android 2.0.1 Yes
Operating System google android 2.1 Yes
Operating System google android 2.2 Yes
Operating System google android 2.2 Yes
Operating System google android 2.2.1 Yes
Operating System google android 2.2.2 Yes
Operating System google android 2.2.3 Yes
Operating System google android 2.3 Yes
Operating System google android 2.3 Yes
Operating System google android 2.3.1 Yes
Operating System google android 2.3.2 Yes
Operating System google android 2.3.3 Yes
Operating System google android 2.3.4 Yes
Operating System google android 2.3.5 Yes
Operating System google android 2.3.6 Yes
Operating System google android 2.3.7 Yes
Operating System google android 3.0 Yes
Operating System google android 3.1 Yes
Operating System google android 3.2 Yes
Operating System google android 3.2.1 Yes
Operating System google android 3.2.2 Yes
Operating System google android 3.2.4 Yes
Operating System google android 3.2.6 Yes
Operating System google android 4.0 Yes
Operating System google android 4.0.1 Yes
Operating System google android 4.0.2 Yes
Operating System google android 4.0.3 Yes
Operating System google android 4.0.4 Yes
Operating System google android 4.1 Yes
Operating System google android 4.1.2 Yes
Operating System google android 4.2 Yes
Operating System google android 4.2.1 Yes
Operating System google android 4.2.2 Yes
Operating System google android 4.3 Yes
References