Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

633 vulnerabilities reference this CWE, most recent first.

GHSA-6W64-P2VC-5PH5

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32
VLAI
Details

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-1665"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-13T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891.",
  "id": "GHSA-6w64-p2vc-5ph5",
  "modified": "2022-05-13T01:32:58Z",
  "published": "2022-05-13T01:32:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1665"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144891"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=ibm10744195"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6WJF-4887-CJ22

Vulnerability from github – Published: 2022-04-30 18:22 – Updated: 2024-02-14 18:30
VLAI
Details

Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2002-1975"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "LOW"
  },
  "details": "Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of \"A0\" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.",
  "id": "GHSA-6wjf-4887-cj22",
  "modified": "2024-02-14T18:30:23Z",
  "published": "2022-04-30T18:22:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1975"
    },
    {
      "type": "WEB",
      "url": "http://online.securityfocus.com/archive/1/281437"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/9535.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/5201"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6X5V-HWXC-Q4HH

Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-05-24 22:00
VLAI
Details

The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115635664

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9399"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-27T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115635664",
  "id": "GHSA-6x5v-hwxc-q4hh",
  "modified": "2022-05-24T22:00:53Z",
  "published": "2022-05-24T22:00:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9399"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/android-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-722R-MGVR-P46C

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-5535"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-01T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.\u0027s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0.",
  "id": "GHSA-722r-mgvr-p46c",
  "modified": "2022-05-13T01:36:37Z",
  "published": "2022-05-13T01:36:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5535"
    },
    {
      "type": "WEB",
      "url": "https://www.tibco.com/support/advisories/2018/05/security-advisory-may-1-2018-tibco-datasynapse-gridserver-2017-5535"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-73VM-8JVG-JPQH

Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2022-05-24 17:17
VLAI
Details

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-9315"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-05-10T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.",
  "id": "GHSA-73vm-8jvg-jpqh",
  "modified": "2022-05-24T17:17:38Z",
  "published": "2022-05-24T17:17:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9315"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/support/lifetime-support"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf"
    },
    {
      "type": "WEB",
      "url": "https://wwws.nightwatchcybersecurity.com/2020/05/10/two-vulnerabilities-in-oracles-iplanet-web-server-cve-2020-9315-and-cve-2020-9314"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/May/31"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-75FW-M5QW-HFX6

Vulnerability from github – Published: 2022-05-17 00:24 – Updated: 2022-05-17 00:24
VLAI
Details

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-6707"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-19T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.",
  "id": "GHSA-75fw-m5qw-hfx6",
  "modified": "2022-05-17T00:24:37Z",
  "published": "2022-05-17T00:24:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6707"
    },
    {
      "type": "WEB",
      "url": "https://core.trac.wordpress.org/ticket/21022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75HR-42CM-P5WQ

Vulnerability from github – Published: 2022-09-06 00:00 – Updated: 2022-09-09 00:00
VLAI
Details

The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-319",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-05T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.",
  "id": "GHSA-75hr-42cm-p5wq",
  "modified": "2022-09-09T00:00:57Z",
  "published": "2022-09-06T00:00:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2083"
    },
    {
      "type": "WEB",
      "url": "https://lana.codes/lanavdb/0bab7575-45fc-432d-945e-6100c35c574c"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/2bbfc855-6901-462f-8a93-120d7fb5d268"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75JP-83J7-2672

Vulnerability from github – Published: 2022-04-23 00:40 – Updated: 2024-04-03 23:52
VLAI
Details

A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-2130"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-06T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.",
  "id": "GHSA-75jp-83j7-2672",
  "modified": "2024-04-03T23:52:46Z",
  "published": "2022-04-23T00:40:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2130"
    },
    {
      "type": "WEB",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2012-2130"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2130"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75726"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2012-2130"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201310-10.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/53610"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75M4-949R-9374

Vulnerability from github – Published: 2023-11-09 15:30 – Updated: 2023-11-20 18:30
VLAI
Details

The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47370"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-09T15:15:08Z",
    "severity": "MODERATE"
  },
  "details": "The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.",
  "id": "GHSA-75m4-949r-9374",
  "modified": "2023-11-20T18:30:46Z",
  "published": "2023-11-09T15:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47370"
    },
    {
      "type": "WEB",
      "url": "https://github.com/syz913/CVE-reports/blob/main/bluetrick.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75QM-M8R5-4CCG

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-07-13 00:01
VLAI
Details

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-02T01:15:00Z",
    "severity": "HIGH"
  },
  "details": "An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36.",
  "id": "GHSA-75qm-m8r5-4ccg",
  "modified": "2022-07-13T00:01:24Z",
  "published": "2022-05-24T19:12:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31796"
    },
    {
      "type": "WEB",
      "url": "https://korelogic.com/Resources/Advisories/KL-001-2021-008.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.cyberark.com/resources/blog"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/164023/CyberArk-Credential-File-Insufficient-Effective-Key-Space.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2021/Sep/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.