Pivotal Cloud Foundry CredHub Service Broker Predictable Random Number Generator Weakness

Pivotal Cloud Foundry CredHub Service Broker is prone to a predictable random number generator weakness; fixes are available.


An attacker can exploit this issue to guess keys that could then be used to view/modify the client secret and credentials.

CredHub Service Broker for PCF versions prior to 1.1.0 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus