CWE-342: Predictable Exact Value from Previous Values
Learn about CWE-342 (Predictable Exact Value from Previous Values), its security impact, exploitation methods, and prevention guidelines.
What is Predictable Exact Value from Previous Values?
• Overview: This vulnerability occurs when an exact value or random number can be predicted by analyzing previous values, compromising the randomness or unpredictability of data, which is crucial for security-related functions.
• Exploitation Methods:
- Attackers can observe previous outputs of a random number generator to predict future outputs.
- Common attack patterns include reverse-engineering the algorithm used for random number generation or exploiting insufficiently randomized sequences.
• Security Impact:
- Direct consequences include unauthorized access, data manipulation, or bypassing security controls.
- Potential cascading effects could involve broader system compromise and data breaches.
- Business impact may include loss of customer trust, financial loss, and legal repercussions.
• Prevention Guidelines:
- Use cryptographically secure random number generators instead of standard ones for security-sensitive operations.
- Ensure randomness algorithms are properly seeded and use sufficient entropy sources.
- Regularly update and patch software to mitigate known vulnerabilities.
- Utilize security libraries and frameworks that offer robust random number generation capabilities.
Corgea can automatically detect and fix Predictable Exact Value from Previous Values in your codebase. Try Corgea free today.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not Language-Specific
Affected Technologies: Not specified
Vulnerable Code Example
JavaScript Example
// Vulnerable code: This implementation uses a simple counter to generate "random" numbers.
// The sequence is predictable after observing a few outputs, as each number is just an increment of the previous.
let counter = 0; // Initial counter value
function predictableRandom() {
return counter++; // Incrementing counter to generate the next "random" number
}
console.log(predictableRandom()); // Outputs: 0
console.log(predictableRandom()); // Outputs: 1
console.log(predictableRandom()); // Outputs: 2
Explanation
The above code demonstrates a vulnerability where the random number generator uses a simple counter increment. This makes the generated values predictable, as each output can be directly derived from the previous one by knowing the increment pattern. This is especially problematic in contexts where unpredictability is crucial, such as in generating tokens, session IDs, or cryptographic keys.
How to fix Predictable Exact Value from Previous Values?
To fix this vulnerability, use a cryptographically secure random number generator provided by modern JavaScript environments. These generators produce numbers that are non-deterministic and do not follow a predictable sequence.
Fixed Code Example
// Fixed code: Using a cryptographically secure random number generator
// This implementation uses Node.js's `crypto` module to generate secure random numbers.
const crypto = require('crypto');
function secureRandom() {
// Generates a random 32-bit integer within a specified range
return crypto.randomInt(0, 1000000); // Adjust the range as needed
}
console.log(secureRandom()); // Outputs: A secure random number
console.log(secureRandom()); // Outputs: Another secure random number
console.log(secureRandom()); // Outputs: Yet another secure random number
Explanation
In the fixed code, we use Node.js's crypto module's randomInt method, which generates a cryptographically secure random number within the specified range. This approach ensures that the numbers are not predictable, even after observing multiple outputs. Always prefer cryptographically secure functions over simple algorithms when randomness is required for security purposes. This is crucial in applications involving security, such as in cryptographic operations, where predictable numbers can lead to vulnerabilities.