CVE-2016-4980Use of Insufficiently Random Values in Xquest

CWE-330Use of Insufficiently Random ValuesCWE-331Insufficient Entropy5 documents4 sources
Severity
2.5LOWNVD
EPSS
0.1%
top 67.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Ethz XquestXguestFedoraproject Fedora+1 more
Timeline
PublishedNov 27
Latest updateMay 24

Description

A password generation weakness exists in xquest through 2016-06-13.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.0 | Impact: 1.4

Affected Packages2 packages

NVDethz/xquest2016-06-13
CVEListV5xguest/xguestthrough 2016-06-13

Also affects: Fedora 23, Enterprise Linux 6.0, 7.0

🔴Vulnerability Details

1
GHSA
GHSA-pm4j-hv98-68cq: A password generation weakness exists in xquest through 2016-06-132022-05-24

📋Vendor Advisories

1
Red Hat
xguest insecure password creation2016-06-13

💬Community

2
Bugzilla
CVE-2016-4980 xguest: xguest insecure password creation [fedora-all]2016-06-13
Bugzilla
CVE-2016-4980 xguest insecure password creation2016-06-13