A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts.
History

Mon, 14 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00021}

epss

{'score': 0.00016}


Mon, 14 Jul 2025 00:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}


Sun, 13 Jul 2025 23:45:00 +0000

Type Values Removed Values Added
Description CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts. A CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts.

Fri, 11 Jul 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00021}


Fri, 11 Jul 2025 09:30:00 +0000

Type Values Removed Values Added
Description CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installation or upgrade artifacts.
Weaknesses CWE-331
References
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.9, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:L/SA:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2025-07-11T09:17:19.014Z

Updated: 2025-07-13T23:30:21.080Z

Reserved: 2025-06-12T13:53:23.603Z

Link: CVE-2025-50122

cve-icon Vulnrichment

Updated: 2025-07-11T15:08:28.088Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-11T10:15:23.333

Modified: 2025-07-15T13:14:49.980

Link: CVE-2025-50122

cve-icon Redhat

No data.