Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-FH5X-H6R2-7RVF

Vulnerability from github – Published: 2023-10-19 21:30 – Updated: 2024-04-04 08:49
VLAI
Details

An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-30132"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-19T21:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key.",
  "id": "GHSA-fh5x-h6r2-7rvf",
  "modified": "2024-04-04T08:49:09Z",
  "published": "2023-10-19T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30132"
    },
    {
      "type": "WEB",
      "url": "https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FHM7-XR45-VVHP

Vulnerability from github – Published: 2025-04-17 21:31 – Updated: 2025-05-16 15:30
VLAI
Details

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42177"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-17T20:15:26Z",
    "severity": "LOW"
  },
  "details": "HCL MyXalytics is affected by SSL\u2215TLS Protocol affected with BREACH \u0026 LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system.",
  "id": "GHSA-fhm7-xr45-vvhp",
  "modified": "2025-05-16T15:30:35Z",
  "published": "2025-04-17T21:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42177"
    },
    {
      "type": "WEB",
      "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120504"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FM6W-39G9-R4VH

Vulnerability from github – Published: 2025-07-16 15:32 – Updated: 2025-07-29 18:30
VLAI
Details

An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and the IV from a fixed, hardcoded input by using a static salt value. As a result, identical plaintext inputs always produce identical ciphertext outputs. This is true for both FIPS and non-FIPS generated passwords. In other words, there is a cryptographic implementation flaw in the password encryption mechanism. Although there are multiple encryption methods grouped under FIPS and non-FIPS classifications, the logic consistently results in predictable and reversible encrypted outputs due to the lack of per-operation randomness and encryption authentication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-311",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-16T15:15:26Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and the IV from a fixed, hardcoded input by using a static salt value. As a result, identical plaintext inputs always produce identical ciphertext outputs. This is true for both FIPS and non-FIPS generated passwords. In other words, there is a cryptographic implementation flaw in the password encryption mechanism. Although there are multiple encryption methods grouped under FIPS and non-FIPS classifications, the logic consistently results in predictable and reversible encrypted outputs due to the lack of per-operation randomness and encryption authentication.",
  "id": "GHSA-fm6w-39g9-r4vh",
  "modified": "2025-07-29T18:30:30Z",
  "published": "2025-07-16T15:32:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32874"
    },
    {
      "type": "WEB",
      "url": "https://codykretsinger.com"
    },
    {
      "type": "WEB",
      "url": "https://galacticadvisors.com"
    },
    {
      "type": "WEB",
      "url": "https://www.galacticadvisors.com/release/critical-vulnerabilities-in-network-detective"
    },
    {
      "type": "WEB",
      "url": "https://www.galacticadvisors.com/release/cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FPV9-CQ8G-9X23

Vulnerability from github – Published: 2022-05-24 17:03 – Updated: 2022-05-24 17:03
VLAI
Details

The Bitwarden server through 1.32.0 has a potentially unwanted KDF.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19766"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-12T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The Bitwarden server through 1.32.0 has a potentially unwanted KDF.",
  "id": "GHSA-fpv9-cq8g-9x23",
  "modified": "2022-05-24T17:03:30Z",
  "published": "2022-05-24T17:03:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19766"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bitwarden/jslib/issues/52"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bitwarden/server/issues/589"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-FQM2-P6PX-F54C

Vulnerability from github – Published: 2026-06-04 03:30 – Updated: 2026-06-04 03:30
VLAI
Details

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-code OpenSSL::SSL::VERIFY_NONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH director or UAA and steal credentials.

Affected versions: - BOSH: all versions prior to v282.1.9 (inclusive); fixed in v282.1.9 or later

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-41860"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-04T03:16:20Z",
    "severity": "HIGH"
  },
  "details": "CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-code OpenSSL::SSL::VERIFY_NONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH director or UAA and steal credentials.\n\nAffected versions:\n- BOSH: all versions prior to v282.1.9 (inclusive); fixed in v282.1.9 or later",
  "id": "GHSA-fqm2-p6px-f54c",
  "modified": "2026-06-04T03:30:22Z",
  "published": "2026-06-04T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41860"
    },
    {
      "type": "WEB",
      "url": "https://www.cloudfoundry.org/blog/cve-2026-41860-missing-tls-verify-on-bosh-monitor"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-FQM3-34Q3-VW23

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2025-02-06 18:31
VLAI
Details

Electra Central AC unit – The unit opens an AP with an easily calculated password.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24502"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-521"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-17T22:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Electra Central AC unit \u2013 The unit opens an AP with an easily calculated password.",
  "id": "GHSA-fqm3-34q3-vw23",
  "modified": "2025-02-06T18:31:00Z",
  "published": "2023-07-06T19:24:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24502"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FQQQ-6828-RGX6

Vulnerability from github – Published: 2022-09-20 00:00 – Updated: 2022-09-22 00:00
VLAI
Details

A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-40141"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-19T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server.",
  "id": "GHSA-fqqq-6828-rgx6",
  "modified": "2022-09-22T00:00:25Z",
  "published": "2022-09-20T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40141"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000291528"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FV42-MX39-6FPW

Vulnerability from github – Published: 2022-11-16 12:00 – Updated: 2022-12-15 18:45
VLAI
Summary
Whole-script approval in Jenkins Script Security Plugin vulnerable to SHA-1 collisions
Details

Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the approved script. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest.

Script Security Plugin 1190.v65867a_a_47126 uses SHA-512 for new whole-script approvals. Previously approved scripts will have their SHA-1 based whole-script approval replaced with a corresponding SHA-512 whole-script approval when the script is next used.

Whole-script approval only stores the SHA-1 or SHA-512 hash, so it is not possible to migrate all previously approved scripts automatically on startup.

Administrators concerned about SHA-1 collision attacks on the whole-script approval feature are able to revoke all previous (SHA-1) script approvals on the In-Process Script Approval page.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1189.vb"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:script-security"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1190.v65867a_a_47126"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-45379"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-328"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-11-21T22:20:41Z",
    "nvd_published_at": "2022-11-15T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the [SHA-1 hash](https://en.wikipedia.org/wiki/SHA-1) of the approved script. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest.\n\nScript Security Plugin 1190.v65867a_a_47126 uses SHA-512 for new whole-script approvals. Previously approved scripts will have their SHA-1 based whole-script approval replaced with a corresponding SHA-512 whole-script approval when the script is next used.\n\nWhole-script approval only stores the SHA-1 or SHA-512 hash, so it is not possible to migrate all previously approved scripts automatically on startup.\n\nAdministrators concerned about SHA-1 collision attacks on the whole-script approval feature are able to revoke all previous (SHA-1) script approvals on the In-Process Script Approval page.",
  "id": "GHSA-fv42-mx39-6fpw",
  "modified": "2022-12-15T18:45:27Z",
  "published": "2022-11-16T12:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/script-security-plugin/commit/65867aa471265a16198b92fb439782ba3554da66"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/script-security-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Whole-script approval in Jenkins Script Security Plugin vulnerable to SHA-1 collisions"
}

GHSA-FVH2-VVX7-2PJR

Vulnerability from github – Published: 2025-05-05 03:30 – Updated: 2025-05-06 15:31
VLAI
Details

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-20667"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-05T03:15:22Z",
    "severity": "HIGH"
  },
  "details": "In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.",
  "id": "GHSA-fvh2-vvx7-2pjr",
  "modified": "2025-05-06T15:31:03Z",
  "published": "2025-05-05T03:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20667"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/May-2025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FX39-M2FM-46W5

Vulnerability from github – Published: 2022-05-14 01:33 – Updated: 2022-05-14 01:33
VLAI
Details

Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-7469"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-21T03:29:00Z",
    "severity": "HIGH"
  },
  "details": "Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.",
  "id": "GHSA-fx39-m2fm-46w5",
  "modified": "2022-05-14T01:33:05Z",
  "published": "2022-05-14T01:33:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7469"
    },
    {
      "type": "WEB",
      "url": "https://github.com/haiwen/seafile/issues/350"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1rwYsnuhZZxmSR6Zs8rJlWW3R27XBOSJU/view"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.