CWE-327
Use of a Broken or Risky Cryptographic Algorithm
Description
The product uses a broken or risky cryptographic algorithm or protocol.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-20 · CAPEC-459 · CAPEC-473 · CAPEC-475 · CAPEC-608 · CAPEC-614 · CAPEC-97
CVEs mapped to this weakness (257)
Page 13 of 13

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-7689 | | — | 0.00 | — | 0.01 | | Jul 1, 2020 | Data is truncated wrong when its length is greater than 255 bytes. |
| CVE-2020-13757 | | — | 0.00 | — | 0.01 | | Jun 1, 2020 | Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application… |
| CVE-2019-15795 | | — | 0.00 | — | 0.00 | | Mar 26, 2020 | python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been… |
| CVE-2011-2487 | | — | 0.00 | — | 0.02 | | Mar 11, 2020 | The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. |
| CVE-2020-5229 | | — | 0.00 | — | 0.01 | | Jan 30, 2020 | Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is… |
| CVE-2019-19316 | | — | 0.00 | — | 0.01 | | Dec 2, 2019 | When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP. |
| CVE-2019-16370 | | — | 0.00 | — | 0.01 | | Sep 16, 2019 | The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900. |
| CVE-2019-16143 | | — | 0.00 | — | 0.01 | | Sep 9, 2019 | An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes. |
| CVE-2019-9155 | | — | 0.00 | — | 0.01 | | Aug 22, 2019 | A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key. |
| CVE-2016-5431 | | — | 0.00 | — | 0.01 | | Aug 7, 2019 | The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens. |
| CVE-2019-7858 | | — | 0.00 | — | 0.01 | | Aug 2, 2019 | A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks. |
| CVE-2019-5919 | | — | 0.00 | — | 0.01 | | Mar 12, 2019 | An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors. |
| CVE-2019-0187 | | — | 0.00 | — | 0.03 | | Mar 6, 2019 | Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests… |
| CVE-2018-12420 | | High | 0.00 | 7.5 | 0.01 | | Jun 14, 2018 | IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. |
| CVE-2007-6755 | | — | 0.00 | — | 0.01 | | Oct 11, 2013 | The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat… |
| CVE-2012-2146 | | — | 0.00 | — | 0.02 | | Aug 26, 2012 | Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain sensitive information and decrypt the database. |
| CVE-2009-2273 | | — | 0.00 | — | 0.01 | | Jul 1, 2009 | The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. |