VYPR

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

ClassDraftLikelihood: High

Description

The product uses a broken or risky cryptographic algorithm or protocol.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-20 · CAPEC-459 · CAPEC-473 · CAPEC-475 · CAPEC-608 · CAPEC-614 · CAPEC-97

CVEs mapped to this weakness (257)

page 5 of 13
  • CVE-2025-27508HigMar 5, 2025
    risk 0.42cvss 7.5epss 0.00

    Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP).…

  • CVE-2020-26140MedMay 11, 2021
    risk 0.42cvss 6.5epss 0.03

    An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

  • CVE-2018-16806MedSep 10, 2018
    risk 0.42cvss 6.5epss 0.00

    A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception…

  • CVE-2018-5152MedJun 11, 2018
    risk 0.42cvss 6.5epss 0.02

    WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password…

  • CVE-2018-1000180HigJun 5, 2018
    risk 0.42cvss 7.5epss 0.04

    Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in…

  • CVE-2017-17382MedDec 13, 2017
    risk 0.42cvss 5.9epss 0.14

    Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA…

  • CVE-2015-0226HigOct 30, 2017
    risk 0.42cvss 7.5epss 0.06

    Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted…

  • CVE-2026-44053HigMay 21, 2026
    risk 0.41cvss 7.4epss 0.00

    Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack.

  • CVE-2025-3838MedApr 21, 2025
    risk 0.40cvss epss 0.00

    An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db…

  • CVE-2024-26317MedJan 27, 2025
    risk 0.40cvss 6.1epss 0.00

    In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT_AT_INFINITY when it should not. A man-in-the-middle attacker could use this to…

  • CVE-2018-1428MedMar 22, 2018
    risk 0.40cvss 6.2epss 0.00

    IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073.

  • CVE-2025-26486MedMar 19, 2025
    risk 0.39cvss 6.0epss 0.00

    Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient Computational Effort, Use of Weak Hash, Use of a One-Way Hash with a Predictable Salt vulnerabilities in Beta80 "Life 1st Identity Manager" enable an attacker with access to password hashes to…

  • CVE-2018-10845MedAug 22, 2018
    risk 0.39cvss 5.9epss 0.04

    It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.

  • CVE-2018-10844MedAug 22, 2018
    risk 0.39cvss 5.9epss 0.04

    It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.

  • CVE-2018-0737MedApr 16, 2018
    risk 0.39cvss 5.9epss 0.12

    The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev…

  • CVE-2026-45701MedJun 1, 2026
    risk 0.38cvss epss 0.00

    Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6.

  • CVE-2026-32959MedApr 20, 2026
    risk 0.38cvss 5.9epss 0.00

    SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack.

  • CVE-2025-13916MedApr 1, 2026
    risk 0.38cvss 5.9epss 0.00

    IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information

  • CVE-2025-7383MedAug 29, 2025
    risk 0.38cvss epss 0.00

    Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.

  • CVE-2025-7071MedAug 29, 2025
    risk 0.38cvss epss 0.00

    Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.