Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-C4G5-MPG9-GP62

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-07-13 00:01
VLAI
Details

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27200"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-11T18:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.",
  "id": "GHSA-c4g5-mpg9-gp62",
  "modified": "2022-07-13T00:01:12Z",
  "published": "2022-05-24T19:04:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27200"
    },
    {
      "type": "WEB",
      "url": "https://securityforeveryone.com/blog/wowonder-0-day-vulnerability-cve-2021-27200"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/49989"
    },
    {
      "type": "WEB",
      "url": "https://www.wowonder.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C847-9386-RF38

Vulnerability from github – Published: 2022-05-14 01:45 – Updated: 2022-05-14 01:45
VLAI
Details

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144653.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-1648"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-05T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144653.",
  "id": "GHSA-c847-9386-rf38",
  "modified": "2022-05-14T01:45:45Z",
  "published": "2022-05-14T01:45:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1648"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144653"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=ibm10737027"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C9XG-M9QM-W776

Vulnerability from github – Published: 2023-11-09 15:30 – Updated: 2023-11-17 15:30
VLAI
Details

The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47364"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-09T14:15:07Z",
    "severity": "MODERATE"
  },
  "details": "The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims",
  "id": "GHSA-c9xg-m9qm-w776",
  "modified": "2023-11-17T15:30:26Z",
  "published": "2023-11-09T15:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47364"
    },
    {
      "type": "WEB",
      "url": "https://github.com/syz913/CVE-reports/blob/main/nagaoka%20taxi.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CCHJ-WXVC-4FXF

Vulnerability from github – Published: 2022-04-29 03:00 – Updated: 2024-02-14 18:30
VLAI
Details

EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2004-2172"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.",
  "id": "GHSA-cchj-wxvc-4fxf",
  "modified": "2024-02-14T18:30:23Z",
  "published": "2022-04-29T03:00:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-2172"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15231"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2004-02/0503.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0871.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/10898"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/alerts/2004/Feb/1009085.html"
    },
    {
      "type": "WEB",
      "url": "http://www.earlyimpact.com/productcart/support/updates/ReadMe_ProductCart_Security_Patch_013004.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/3979"
    },
    {
      "type": "WEB",
      "url": "http://www.s-quadra.com/advisories/Adv-20040216.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/354288"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/9669"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CCM6-R4R3-65M2

Vulnerability from github – Published: 2023-02-09 21:30 – Updated: 2023-02-17 18:30
VLAI
Details

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21443"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-09T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.",
  "id": "GHSA-ccm6-r4r3-65m2",
  "modified": "2023-02-17T18:30:25Z",
  "published": "2023-02-09T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21443"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023\u0026month=02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CF6W-GMCC-MJ3M

Vulnerability from github – Published: 2025-07-21 21:31 – Updated: 2025-07-21 21:31
VLAI
Details

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-36106"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-21T19:15:29Z",
    "severity": "MODERATE"
  },
  "details": "IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.",
  "id": "GHSA-cf6w-gmcc-mj3m",
  "modified": "2025-07-21T21:31:37Z",
  "published": "2025-07-21T21:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36106"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7239635"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CF7G-GGQR-V2MP

Vulnerability from github – Published: 2022-05-17 02:26 – Updated: 2022-05-17 02:26
VLAI
Details

IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123903.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-1224"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-19T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123903.",
  "id": "GHSA-cf7g-ggqr-v2mp",
  "modified": "2022-05-17T02:26:22Z",
  "published": "2022-05-17T02:26:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1224"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123903"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22005246"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99916"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CFPR-7WG7-7X58

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-05-18T13:29:00Z",
    "severity": "LOW"
  },
  "details": "Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user\u0027s password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.",
  "id": "GHSA-cfpr-7wg7-7x58",
  "modified": "2022-05-13T01:36:06Z",
  "published": "2022-05-13T01:36:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9635"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-05"
    },
    {
      "type": "WEB",
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000118"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99469"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CG44-3C54-5Q5H

Vulnerability from github – Published: 2023-12-01 15:31 – Updated: 2024-04-24 15:30
VLAI
Details

Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle.

Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28896"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-261",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-01T14:15:07Z",
    "severity": "LOW"
  },
  "details": "Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3\u00a0(MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle.\n\nVulnerability discovered on\u00a0\u0160koda Superb III (3V3) - 2.0 TDI manufactured in 2022.\n\n\n\n\n\n",
  "id": "GHSA-cg44-3c54-5q5h",
  "modified": "2024-04-24T15:30:32Z",
  "published": "2023-12-01T15:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28896"
    },
    {
      "type": "WEB",
      "url": "https://asrg.io/security-advisories/cve-2023-28896"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CJ7W-9337-9J7M

Vulnerability from github – Published: 2022-07-09 00:00 – Updated: 2022-07-17 00:00
VLAI
Details

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-08T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081.",
  "id": "GHSA-cj7w-9337-9j7m",
  "modified": "2022-07-17T00:00:47Z",
  "published": "2022-07-09T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22464"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225081"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6601729"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.