The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2007-12-01T02:00:00
Updated: 2017-07-28T12:57:01
Reserved: 2007-10-17T00:00:00
Link: CVE-2007-5502
JSON object: View
NVD Information
Status : Modified
Published: 2007-12-01T06:46:00.000
Modified: 2017-07-29T01:33:43.163
Link: CVE-2007-5502
JSON object: View
Redhat Information
No data.
CWE