CVE-2013-7373

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.

Published: Apr 29, 2014
Updated: Apr 13, 2023
CVE: CVE-2013-7373
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
google / android	2.2.3	2.2.3.x
google / android	2.0.1	2.0.1.x
google / android	1.0	1.0.x
google / android	3.2.6	3.2.6.x
google / android	4.2	4.2.x
google / android	1.6	1.6.x
google / android	2.1	2.1.x
google / android	4.1	4.1.x
google / android	3.2.4	3.2.4.x
google / android	3.2	3.2.x
google / android	3.2.2	3.2.2.x
google / android	4.0.2	4.0.2.x
google / android	2.3-rev1	2.3-rev1.x
google / android	-	4.3.1.x
google / android	2.3.6	2.3.6.x
google / android	4.0.4	4.0.4.x
google / android	4.3	4.3.x
google / android	4.0.1	4.0.1.x
google / android	2.3.3	2.3.3.x
google / android	3.0	3.0.x
google / android	2.0	2.0.x
google / android	4.2.1	4.2.1.x
google / android	2.3.1	2.3.1.x
google / android	2.3.5	2.3.5.x
google / android	1.5	1.5.x
google / android	3.1	3.1.x
google / android	4.0.3	4.0.3.x
google / android	2.2.1	2.2.1.x
google / android	2.2.2	2.2.2.x
google / android	2.2	2.2.x
google / android	2.3.4	2.3.4.x
google / android	4.0	4.0.x
google / android	2.3.7	2.3.7.x
google / android	2.2-rev1	2.2-rev1.x
google / android	1.1	1.1.x
google / android	4.2.2	4.2.2.x
google / android	2.3.2	2.3.2.x
google / android	3.2.1	3.2.1.x
google / android	2.3	2.3.x
google / android	4.1.2	4.1.2.x

Vulnerability Database

289,697

CVE-2013-7373