UUID/GUID Version 1 Detected

info Web App Scanning Plugin ID 114948

Synopsis

UUID/GUID Version 1 Detected

Description

This is an informational plugin to inform the user that the scanner has detected a UUID/GUID version 1.

UUID/GUID version 1 contains the MAC address of the computer that generated it, as well as a timestamp. This means that if an attacker can obtain a UUID/GUID version 1, they can infer host identity and generation time and, because v1 embeds largely deterministic fields, predict other identifiers generated around the same time (e.g., by enumerating timestamps/clock sequence). This enables correlation, enumeration, and token-guessing attacks when v1 is used for security-sensitive values.
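
The following is an added example, not part of the plugin or the scanner's own code: a Python audit helper that finds version 1 UUIDs in a captured response body and decodes the fields they expose. The function names and the sample body are assumptions made for illustration; the v1 value used is the DNS namespace UUID published in RFC 4122, and the v4 value is constructed.

```python
import re
import uuid
from datetime import datetime, timedelta, timezone

# v1 timestamps count 100-ns intervals since the Gregorian epoch (RFC 4122).
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)
UUID_RE = re.compile(
    r"\b[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}"
    r"-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b"
)


def describe_v1(text):
    """Return the fields embedded in a v1 UUID, or None for other versions."""
    u = uuid.UUID(text)
    if u.variant != uuid.RFC_4122 or u.version != 1:
        return None
    node = u.node
    return {
        "uuid": str(u),
        # 60-bit timestamp converted from 100-ns ticks to microseconds
        "generated_at": GREGORIAN_EPOCH + timedelta(microseconds=u.time // 10),
        "clock_seq": u.clock_seq,
        "node": ":".join(f"{(node >> s) & 0xFF:02x}" for s in range(40, -1, -8)),
        # Multicast bit set in the first octet: node was randomised, not a NIC MAC
        "node_is_random": bool((node >> 40) & 0x01),
    }


def find_v1_uuids(body):
    """Scan arbitrary text (response body, log line) and report v1 UUIDs only."""
    findings = []
    for match in UUID_RE.finditer(body):
        info = describe_v1(match.group(0))
        if info is not None:
            findings.append(info)
    return findings


# Constructed sample body: one v1 identifier (RFC 4122 DNS namespace UUID)
# and one constructed v4 identifier that must not be reported.
SAMPLE_BODY = (
    '{"order_id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8", '
    '"session": "3f2b8c1e-7a4d-4e9b-9c6a-1d2e3f4a5b6c"}'
)

if __name__ == "__main__":
    for finding in find_v1_uuids(SAMPLE_BODY):
        print(finding)
```

A finding whose `node_is_random` is false and whose node matches a real interface confirms that the generating host's MAC address is exposed to anyone who receives the identifier.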

Solution

Do not use UUID/GUID version 1 for secrets or identifiers that gate access. Prefer cryptographically random identifiers such as UUID/GUID version 4 (or version 7 backed by a CSPRNG).

See Also

https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html#uuids-and-guids

Plugin Details

Severity: Info

ID: 114948

Type: remote

Published: 9/3/2025

Updated: 9/3/2025

Scan Template: api, basic, full, overview, pci, scan