CWE-337 is a common weakness enumeration in software security. This database tracks 6 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-337?

There are 6 CVE vulnerabilities classified as CWE-337 with an average CVSS score of 8.4166666666667.

What is the severity distribution for CWE-337?

CWE-337 contains 3 critical, 2 high, 1 medium, and 0 low severity vulnerabilities.

CWE-337

Total CVEs

Vulnerabilities

Avg CVSS v3

8.4

High

Avg CVSS v2

5.0

Medium

Latest CVE

2024

Most Recent

Severity Distribution

Critical 3

50%

High 2

33.3%

Medium 1

16.7%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (6)

Page 1 of 1

CVE-2022-26852

CRITICAL

CVSS:9.8(Critical)

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an...

CWE-3372022

CVE-2020-28597

CRITICAL

CVSS:9.8(Critical)

A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An...

CWE-3372020

CVE-2022-40267

CRITICAL

CVSS:9.1(Critical)

Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X****...

CWE-3372022

CVE-2024-7558

HIGH

CVSS:8.7(High)

JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an...

CWE-3372024

CVE-2023-49343

HIGH

CVSS:7.8(High)

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has ...

CWE-3372023

CVE-2016-15006

MEDIUM

CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the file main.c of the component Scrambling Table Handler. The man...

CWE-3372016