CWE-326
Allowed-with-ReviewInadequate Encryption Strength
Abstraction: Class · Status: Draft
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
631 vulnerabilities reference this CWE, most recent first.
GHSA-C4G5-MPG9-GP62
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-07-13 00:01In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.
{
"affected": [],
"aliases": [
"CVE-2021-27200"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-11T18:15:00Z",
"severity": "CRITICAL"
},
"details": "In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.",
"id": "GHSA-c4g5-mpg9-gp62",
"modified": "2022-07-13T00:01:12Z",
"published": "2022-05-24T19:04:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27200"
},
{
"type": "WEB",
"url": "https://securityforeveryone.com/blog/wowonder-0-day-vulnerability-cve-2021-27200"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/49989"
},
{
"type": "WEB",
"url": "https://www.wowonder.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-C847-9386-RF38
Vulnerability from github – Published: 2022-05-14 01:45 – Updated: 2022-05-14 01:45IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144653.
{
"affected": [],
"aliases": [
"CVE-2018-1648"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-05T17:29:00Z",
"severity": "HIGH"
},
"details": "IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144653.",
"id": "GHSA-c847-9386-rf38",
"modified": "2022-05-14T01:45:45Z",
"published": "2022-05-14T01:45:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1648"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144653"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10737027"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C9XG-M9QM-W776
Vulnerability from github – Published: 2023-11-09 15:30 – Updated: 2023-11-17 15:30The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims
{
"affected": [],
"aliases": [
"CVE-2023-47364"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-09T14:15:07Z",
"severity": "MODERATE"
},
"details": "The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims",
"id": "GHSA-c9xg-m9qm-w776",
"modified": "2023-11-17T15:30:26Z",
"published": "2023-11-09T15:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47364"
},
{
"type": "WEB",
"url": "https://github.com/syz913/CVE-reports/blob/main/nagaoka%20taxi.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CCHJ-WXVC-4FXF
Vulnerability from github – Published: 2022-04-29 03:00 – Updated: 2024-02-14 18:30EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.
{
"affected": [],
"aliases": [
"CVE-2004-2172"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2004-12-31T05:00:00Z",
"severity": "MODERATE"
},
"details": "EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.",
"id": "GHSA-cchj-wxvc-4fxf",
"modified": "2024-02-14T18:30:23Z",
"published": "2022-04-29T03:00:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-2172"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15231"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-02/0503.html"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0871.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/10898"
},
{
"type": "WEB",
"url": "http://securitytracker.com/alerts/2004/Feb/1009085.html"
},
{
"type": "WEB",
"url": "http://www.earlyimpact.com/productcart/support/updates/ReadMe_ProductCart_Security_Patch_013004.txt"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/3979"
},
{
"type": "WEB",
"url": "http://www.s-quadra.com/advisories/Adv-20040216.txt"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/354288"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/9669"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CCM6-R4R3-65M2
Vulnerability from github – Published: 2023-02-09 21:30 – Updated: 2023-02-17 18:30Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.
{
"affected": [],
"aliases": [
"CVE-2023-21443"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-09T19:15:00Z",
"severity": "HIGH"
},
"details": "Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.",
"id": "GHSA-ccm6-r4r3-65m2",
"modified": "2023-02-17T18:30:25Z",
"published": "2023-02-09T21:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21443"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023\u0026month=02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CF6W-GMCC-MJ3M
Vulnerability from github – Published: 2025-07-21 21:31 – Updated: 2025-07-21 21:31IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.
{
"affected": [],
"aliases": [
"CVE-2025-36106"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-21T19:15:29Z",
"severity": "MODERATE"
},
"details": "IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.",
"id": "GHSA-cf6w-gmcc-mj3m",
"modified": "2025-07-21T21:31:37Z",
"published": "2025-07-21T21:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36106"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7239635"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CF7G-GGQR-V2MP
Vulnerability from github – Published: 2022-05-17 02:26 – Updated: 2022-05-17 02:26IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123903.
{
"affected": [],
"aliases": [
"CVE-2017-1224"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-19T20:29:00Z",
"severity": "HIGH"
},
"details": "IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123903.",
"id": "GHSA-cf7g-ggqr-v2mp",
"modified": "2022-05-17T02:26:22Z",
"published": "2022-05-17T02:26:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1224"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123903"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005246"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99916"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CFPR-7WG7-7X58
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.
{
"affected": [],
"aliases": [
"CVE-2017-9635"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-05-18T13:29:00Z",
"severity": "LOW"
},
"details": "Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user\u0027s password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.",
"id": "GHSA-cfpr-7wg7-7x58",
"modified": "2022-05-13T01:36:06Z",
"published": "2022-05-13T01:36:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9635"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-05"
},
{
"type": "WEB",
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000118"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99469"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-CG44-3C54-5Q5H
Vulnerability from github – Published: 2023-12-01 15:31 – Updated: 2024-04-24 15:30Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle.
Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
{
"affected": [],
"aliases": [
"CVE-2023-28896"
],
"database_specific": {
"cwe_ids": [
"CWE-261",
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-01T14:15:07Z",
"severity": "LOW"
},
"details": "Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3\u00a0(MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle.\n\nVulnerability discovered on\u00a0\u0160koda Superb III (3V3) - 2.0 TDI manufactured in 2022.\n\n\n\n\n\n",
"id": "GHSA-cg44-3c54-5q5h",
"modified": "2024-04-24T15:30:32Z",
"published": "2023-12-01T15:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28896"
},
{
"type": "WEB",
"url": "https://asrg.io/security-advisories/cve-2023-28896"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJ7W-9337-9J7M
Vulnerability from github – Published: 2022-07-09 00:00 – Updated: 2022-07-17 00:00IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.
{
"affected": [],
"aliases": [
"CVE-2022-22464"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-08T18:15:00Z",
"severity": "HIGH"
},
"details": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.",
"id": "GHSA-cj7w-9337-9j7m",
"modified": "2022-07-17T00:00:47Z",
"published": "2022-07-09T00:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22464"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225081"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6601729"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Use an encryption scheme that is currently considered to be strong by experts in the field.
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-192: Protocol Analysis
An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.
CAPEC-20: Encryption Brute Forcing
An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.