Increase the entropy used to seed a PRNG.
Strategy: Libraries or Frameworks Use products or modules that conform to FIPS 140-2 [ REF-267 ] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
Use a PRNG that periodically re-seeds itself using input from high-quality sources, such as hardware devices with high entropy. However, do not re-seed too frequently, or else the entropy source might block.
No detection method information available for this CWE.
No examples or observed CVEs available for this CWE.
No relationship information available for this CWE.
CWE-342: CWE-342: Predictable Exact Value from Previous Values is a Common Weakness Enumeration (CWE) entry maintained by MITRE. Description
If exploited, CWE-342 (CWE-342: Predictable Exact Value from Previous Values) it can compromise Varies by Context, leading to outcomes such as Scope: Other.
Recommended mitigations for CWE-342 include: Increase the entropy used to seed a PRNG. Strategy: Libraries or Frameworks Use products or modules that conform to FIPS 140-2 [ REF-267 ] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators"). Use a PRNG that periodically re-seeds itself using input from high-quality sources, such as hardware devices with high entropy. However, do not re-seed too frequently, or else the entropy source might block.
CWE-342 commonly affects Languages. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
A CWE (Common Weakness Enumeration) like CWE-342 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.