Java

Made by DeepSource

Insecure RandomUtil implementations must not be used JAVA-S1036

Security
Critical
A02, A07, CWE-640, CWE-338, OWASP Top 10

An instance of a RandomUtil implementation generated by JHipster was found which is unsuitable for cryptographic purposes.

JHipster versions below 6.3.0 (or JHipster Kotlin versions up to and including 1.1.0) generate a RandomUtil class that calls Apache Commons Lang's RandomStringUtils without supplying a cryptographically secure random source. Those convenience methods draw from java.util.Random, a non-cryptographic PRNG, so the passwords, activation keys and reset keys produced are unsuitable for cryptographic purposes.

Bad Practice

This is an example of what a vulnerable RandomUtil class looks like:

import org.apache.commons.lang3.RandomStringUtils;

/**
 * Utility class for generating random Strings.
 */
public final class RandomUtil {

    private static final int DEF_COUNT = 20;

    private RandomUtil() {
    }

    /**
     * Generate a password.
     *
     * @return the generated password.
     */
    public static String generatePassword() {
        return RandomStringUtils.randomAlphanumeric(DEF_COUNT); // This call is not using SecureRandom and will generate predictable passwords.
    }

    // ...
}

Recommended

  • Upgrade to the latest version of JHipster if possible

You can find the latest JHipster version at their release page.

  • Modify the RandomUtil java file to fix the issue

This is the simplest way to fix the issue. Replace the contents of the existing RandomUtil.java file with that of the one linked here. The fixed version draws all random values from an instance of java.security.SecureRandom, so the generated passwords and keys are unpredictable.
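The following is an added example of what a hardened RandomUtil looks like; it is not the page's linked file or JHipster's own code. It drops the RandomStringUtils dependency entirely and builds the alphanumeric string from java.security.SecureRandom; the alphabet constant, helper name and eager-seeding step are this example's own choices.

```java
import java.security.SecureRandom;

/**
 * Utility class for generating random Strings (hardened example).
 * Every random value comes from java.security.SecureRandom, a CSPRNG,
 * instead of the java.util.Random used by RandomStringUtils' defaults.
 */
public final class RandomUtil {

    private static final SecureRandom SECURE_RANDOM = new SecureRandom();
    private static final int DEF_COUNT = 20;
    // Same character set as RandomStringUtils.randomAlphanumeric (assumed here).
    private static final String ALPHANUMERIC =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

    static {
        // Force the CSPRNG to seed itself at class load rather than on first use.
        SECURE_RANDOM.nextBytes(new byte[64]);
    }

    private RandomUtil() {
    }

    /** Build a DEF_COUNT-character alphanumeric string from the CSPRNG. */
    private static String generateRandomAlphanumericString() {
        StringBuilder sb = new StringBuilder(DEF_COUNT);
        for (int i = 0; i < DEF_COUNT; i++) {
            // nextInt(bound) is uniform over [0, bound), so there is no modulo bias.
            sb.append(ALPHANUMERIC.charAt(SECURE_RANDOM.nextInt(ALPHANUMERIC.length())));
        }
        return sb.toString();
    }

    /**
     * Generate a password.
     *
     * @return the generated password.
     */
    public static String generatePassword() {
        return generateRandomAlphanumericString();
    }

    // Other generators elided on the page would call the same helper.

    public static void main(String[] args) {
        String pw = generatePassword();
        // Sanity-check only the shape; unpredictability comes from SecureRandom.
        if (pw.length() != DEF_COUNT || !pw.matches("[A-Za-z0-9]+")) {
            throw new AssertionError("unexpected output: " + pw);
        }
        System.out.println("password=" + pw);
    }
}
```

If you prefer to keep RandomStringUtils, the same result is obtained by passing a SecureRandom instance to its `random(count, 0, 0, true, true, null, rng)` overload instead of calling `randomAlphanumeric(count)`.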
