VYPR

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

Abstraction: Class · Status: Draft · Likelihood of exploit: High

Description

The product uses a broken or risky cryptographic algorithm or protocol.
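The entries on this page are dominated by deployed TLS endpoints that still accept SSLv3/TLS 1.0 or cipher suites that have been phased out. The following Go program is an added example (not VYPR's or MITRE's code) of what that looks like in a server configuration and of a policy check that flags it; it relies only on Go's standard `crypto/tls`, whose `InsecureCipherSuites()` list is used as the reference for "broken" suites. `WeakConfig`, `HardenedConfig`, `Weak` and `Finding` are names chosen here for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// Finding is one human-readable policy violation found in a tls.Config.
type Finding string

// Weak inspects cfg and reports two classes of CWE-327 problems:
//   - a protocol floor below TLS 1.2, or no explicit floor at all (the
//     library default then decides, which is not an auditable policy);
//   - any cipher suite that Go's own crypto/tls marks as insecure
//     (RC4 suites and, in recent releases, the 3DES/CBC legacy suites).
func Weak(cfg *tls.Config) []Finding {
	var out []Finding
	if cfg.MinVersion == 0 {
		out = append(out, "MinVersion unset: protocol floor depends on the library default; set tls.VersionTLS12 or higher explicitly")
	} else if cfg.MinVersion < tls.VersionTLS12 {
		out = append(out, Finding(fmt.Sprintf("MinVersion 0x%04x permits deprecated TLS versions", cfg.MinVersion)))
	}
	insecure := map[uint16]string{}
	for _, cs := range tls.InsecureCipherSuites() {
		insecure[cs.ID] = cs.Name
	}
	for _, id := range cfg.CipherSuites {
		if name, ok := insecure[id]; ok {
			out = append(out, Finding("insecure cipher suite enabled: "+name))
		}
	}
	return out
}

// WeakConfig is a constructed server configuration of the kind the CVE list
// describes: TLS 1.0 still accepted and RC4 / 3DES suites still offered.
func WeakConfig() *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS10,
		CipherSuites: []uint16{
			tls.TLS_RSA_WITH_RC4_128_SHA,
			tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		},
	}
}

// HardenedConfig is the corrected counterpart: TLS 1.2 floor and only
// forward-secret AEAD suites.
func HardenedConfig() *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS12,
		CipherSuites: []uint16{
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
		},
	}
}

func main() {
	for name, cfg := range map[string]*tls.Config{"weak": WeakConfig(), "hardened": HardenedConfig()} {
		findings := Weak(cfg)
		fmt.Printf("%s: %d finding(s)\n", name, len(findings))
		for _, f := range findings {
			fmt.Println("  -", f)
		}
	}
}
```

The check is deliberately conservative: an unset `MinVersion` is reported even though current Go defaults are sane, because the point of the check is that the floor is stated in the configuration rather than inherited. For TLS 1.3 connections the `CipherSuites` field is ignored by Go, so the suite findings apply to the TLS 1.2 handshakes the server still allows.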

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-20 · CAPEC-459 · CAPEC-473 · CAPEC-475 · CAPEC-608 · CAPEC-614 · CAPEC-97

CVEs mapped to this weakness (257)

Page 6 of 13
  • CVE-2018-11070 · Medium · Sep 11, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.02

    RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover an RSA key.

  • CVE-2018-11069 · Medium · Sep 11, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover an RSA key.

  • CVE-2018-11057 · Medium · Aug 31, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.02

    RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover an RSA key.

  • CVE-2018-15355 · Medium · Aug 17, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    Use of SSLv2 and SSLv3 allows decryption of transmitted data in Kraftway 24F2XG Router firmware 3.5.30.1118.

  • CVE-2017-16718 · Medium · Jun 27, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.00

    Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol uses user configured routes, that can be edited remotely via ADS. This special command supports encrypted authentication with…

  • CVE-2017-17167 · Medium · Mar 9, 2018
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02 and V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses a risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could…

  • CVE-2017-8866 · Medium · Dec 11, 2017
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small pool of hardcoded keys, allowing a remote attacker to use a different Dino device to decrypt VoIP traffic between a child's Dino and remote server.

  • CVE-2017-8191 · Medium · Nov 22, 2017
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    FusionSphere OpenStack V100R006C00SPC102 (NFV) has a weak cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the ciphertext and cause information leakage on the transmission links.

  • CVE-2017-8157 · Medium · Nov 22, 2017
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    OceanStor 5800 V3 with software V300R002C00 and V300R002C10, and OceanStor 6900 V3 V300R001C00, have an information leakage vulnerability. The products use TLS 1.0 for encryption. Attackers can exploit TLS 1.0's known weaknesses to decrypt data and obtain sensitive information.

  • CVE-2017-10668 · Medium · Jun 30, 2017
    risk 0.38 · CVSS 5.9 · EPSS 0.00

    A padding oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under a MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in…

  • CVE-2005-4900 · Medium · Oct 14, 2016
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence…

  • CVE-2024-53845 · Medium · Dec 12, 2024
    risk 0.36 · CVSS n/a · EPSS 0.01

    ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to use a custom AES key, there is no option to set the IV (Initialization Vector) prior to versions 5.3.2, 5.2.4, 5.1.6, and 5.0.8. The IV is set to zero and…

  • CVE-2018-10846 · Medium · Aug 22, 2018
    risk 0.36 · CVSS 5.6 · EPSS 0.00

    A cache-based side channel was found in the GnuTLS implementation that leads to plaintext recovery in a cross-VM attack setting. An attacker could combine a "Just in Time" Prime+Probe attack with the Lucky 13 attack to recover plaintext using crafted packets.

  • CVE-2026-25834 · Medium · Apr 1, 2026
    risk 0.35 · CVSS 6.5 · EPSS 0.00

    Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.

  • CVE-2024-22588 · Medium · May 24, 2024
    risk 0.35 · CVSS 6.5 · EPSS 0.00

    Kwik commit 745fd4e2 does not discard unused encryption keys.

  • CVE-2024-28834 · Medium · Mar 21, 2024
    risk 0.35 · CVSS 5.3 · EPSS 0.01

    A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a…

  • CVE-2026-5588 · Medium · Apr 15, 2026
    risk 0.34 · CVSS n/a · EPSS 0.00

    Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix…

  • CVE-2023-41928 · Medium · Jul 2, 2024
    risk 0.34 · CVSS 5.3 · EPSS 0.00

    The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses.

  • CVE-2023-41927 · Medium · Jul 2, 2024
    risk 0.34 · CVSS 5.3 · EPSS 0.00

    The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses.

  • CVE-2024-3264 · Medium · Jun 24, 2024
    risk 0.34 · CVSS 5.3 · EPSS 0.00

    Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Signature Spoofing by Improper Validation. This issue affects Mia-Med Health Aplication: before 1.0.14.
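Two of the entries above are not about a weak algorithm at all but about misuse of a sound one: CVE-2024-53845 (AES with an IV fixed at zero) and CVE-2017-8866 (a small pool of hard-coded keys shared across devices). The following Go program is an added example, not code from any of the affected projects, that shows the observable consequence of a fixed IV under a shared key and the corrected pattern. It uses only the standard library; the key, the message pair and the function names (`EncryptCBCZeroIV`, `EncryptCBCRandomIV`, `SealGCM`, `OpenGCM`, `FirstBlockEqual`) are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// pkcs7 pads msg to a whole number of AES blocks (CBC needs this).
func pkcs7(msg []byte) []byte {
	n := aes.BlockSize - len(msg)%aes.BlockSize
	return append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// EncryptCBC encrypts msg with AES-CBC under key and iv, returning iv||ciphertext.
func EncryptCBC(key, iv, msg []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	padded := pkcs7(msg)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return append(append([]byte{}, iv...), out...)
}

// EncryptCBCZeroIV is the risky pattern: every message uses the all-zero IV.
// Two messages with the same first 16 bytes then produce the same first
// ciphertext block, so an eavesdropper learns which commands repeat.
func EncryptCBCZeroIV(key, msg []byte) []byte {
	return EncryptCBC(key, make([]byte, aes.BlockSize), msg)
}

// EncryptCBCRandomIV draws a fresh random IV for each message.
func EncryptCBCRandomIV(key, msg []byte) []byte {
	iv := make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		panic(err)
	}
	return EncryptCBC(key, iv, msg)
}

// FirstBlockEqual reports whether two iv||ciphertext outputs share their
// first ciphertext block (bytes 16..31), the leak a fixed IV produces.
func FirstBlockEqual(a, b []byte) bool {
	return bytes.Equal(a[aes.BlockSize:2*aes.BlockSize], b[aes.BlockSize:2*aes.BlockSize])
}

// SealGCM is the preferred replacement: an AEAD with a fresh 96-bit nonce,
// giving confidentiality and integrity (CBC alone gives no integrity, which
// is what makes the padding-oracle entries on this page possible).
func SealGCM(key, msg []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		panic(err)
	}
	return aead.Seal(nonce, nonce, msg, nil) // nonce||ciphertext||tag
}

// OpenGCM reverses SealGCM and fails on any tampering.
func OpenGCM(key, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(ct) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, ct[:ns], ct[ns:], nil)
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed shared key, as in a hard-coded pool
	m1 := []byte("SETKEY deviceid=0001")
	m2 := []byte("SETKEY deviceid=0002")
	fmt.Println("zero IV, first blocks equal:  ", FirstBlockEqual(EncryptCBCZeroIV(key, m1), EncryptCBCZeroIV(key, m2)))
	fmt.Println("random IV, first blocks equal:", FirstBlockEqual(EncryptCBCRandomIV(key, m1), EncryptCBCRandomIV(key, m2)))
	pt, err := OpenGCM(key, SealGCM(key, m1))
	fmt.Printf("GCM round trip: %q err=%v\n", pt, err)
}
```

A random IV fixes the repeated-prefix leak but not the shared-key problem: anyone holding one device's key still decrypts every other device's traffic, which is the CogniToys finding. Per-device keys, or a key agreement such as TLS, are the fix for that. With AES-GCM the nonce must never repeat under the same key; random 96-bit nonces are fine for the message volumes of a device protocol, but a high-volume service should use a counter or rotate keys.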