Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-FXFC-W6XQ-5PP8

Vulnerability from github – Published: 2022-07-15 00:00 – Updated: 2023-01-23 18:30
VLAI
Details

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32222"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-14T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.",
  "id": "GHSA-fxfc-w6xq-5pp8",
  "modified": "2023-01-23T18:30:20Z",
  "published": "2022-07-15T00:00:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32222"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1695596"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
    },
    {
      "type": "WEB",
      "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220915-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-FXR3-63W8-HVHX

Vulnerability from github – Published: 2022-05-24 17:15 – Updated: 2025-11-03 21:30
VLAI
Details

A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-10377"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-327"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-17T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.",
  "id": "GHSA-fxr3-63w8-hvhx",
  "modified": "2025-11-03T21:30:30Z",
  "published": "2022-05-24T17:15:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10377"
    },
    {
      "type": "WEB",
      "url": "https://www.mitel.com/support/security-advisories"
    },
    {
      "type": "WEB",
      "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-20-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G29V-Q6H7-76WH

Vulnerability from github – Published: 2026-05-14 20:30 – Updated: 2026-06-09 10:20
VLAI
Summary
electerm's encrypt method not safe enough
Details

Impact

Insecure sync encryption: deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common passwords across installs and perform undetected ciphertext bit-flips to alter config/bookmarks.

Patches

  • https://github.com/electerm/electerm/commit/9dd8295e37d53396b980cd45dfc5ed11ad79b937

Workarounds

  • No

References

  • Report / credit: https://github.com/Curly-Haired-Baboon
  • Electerm releases: https://github.com/electerm/electerm/releases
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "electerm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.9.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45787"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-329",
      "CWE-353",
      "CWE-759",
      "CWE-916"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-14T20:30:04Z",
    "nvd_published_at": "2026-05-28T18:16:35Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n_Insecure sync encryption: deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common passwords across installs and perform undetected ciphertext bit-flips to alter config/bookmarks._\n\n### Patches\n\n- https://github.com/electerm/electerm/commit/9dd8295e37d53396b980cd45dfc5ed11ad79b937\n\n### Workarounds\n\n- No\n\n### References\n- Report / credit: https://github.com/Curly-Haired-Baboon\n- Electerm releases: https://github.com/electerm/electerm/releases",
  "id": "GHSA-g29v-q6h7-76wh",
  "modified": "2026-06-09T10:20:23Z",
  "published": "2026-05-14T20:30:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/electerm/electerm/security/advisories/GHSA-g29v-q6h7-76wh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45787"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electerm/electerm/commit/9dd8295e37d53396b980cd45dfc5ed11ad79b937"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/electerm/electerm"
    },
    {
      "type": "WEB",
      "url": "https://github.com/electerm/electerm/releases/tag/v3.9.5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "electerm\u0027s encrypt method not safe enough"
}

GHSA-G2G3-6RCC-6C9Q

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2024-04-04 05:30
VLAI
Details

The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2640"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-02T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Config-files of Horner Automation\u2019s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).",
  "id": "GHSA-g2g3-6rcc-6c9q",
  "modified": "2024-04-04T05:30:47Z",
  "published": "2023-07-06T19:24:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2640"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G4G7-V7Q6-4XW8

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2022-05-24 16:55
VLAI
Details

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15947"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-05T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user\u0027s wallet.dat file, including their private keys, via a grep \"6231 0500\" command.",
  "id": "GHSA-g4g7-v7q6-4xw8",
  "modified": "2022-05-24T16:55:31Z",
  "published": "2022-05-24T16:55:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15947"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bitcoin/bitcoin/issues/16824"
    },
    {
      "type": "WEB",
      "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2019-15947"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/oxagast/50a121b2df32186e0c48411859d5861b"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202009-18"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G5HG-3X62-V52F

Vulnerability from github – Published: 2023-03-07 00:30 – Updated: 2023-03-13 18:30
VLAI
Details

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-45141"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-327",
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-06T23:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96).",
  "id": "GHSA-g5hg-3x62-v52f",
  "modified": "2023-03-13T18:30:41Z",
  "published": "2023-03-07T00:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45141"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202309-06"
    },
    {
      "type": "WEB",
      "url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G664-59R4-4VFR

Vulnerability from github – Published: 2023-02-01 18:30 – Updated: 2023-02-08 21:30
VLAI
Details

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-43922"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-326",
      "CWE-328"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-01T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.",
  "id": "GHSA-g664-59r4-4vfr",
  "modified": "2023-02-08T21:30:19Z",
  "published": "2023-02-01T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43922"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/241583"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6857807"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G7C2-78MQ-V43G

Vulnerability from github – Published: 2024-10-29 12:30 – Updated: 2026-04-01 18:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50550"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-29T10:15:04Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1.",
  "id": "GHSA-g7c2-78mq-v43g",
  "modified": "2026-04-01T18:32:12Z",
  "published": "2024-10-29T12:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50550"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G7F6-JJ92-WC77

Vulnerability from github – Published: 2024-10-03 21:31 – Updated: 2024-10-08 15:32
VLAI
Details

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41594"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-03T19:15:04Z",
    "severity": "HIGH"
  },
  "details": "An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL.",
  "id": "GHSA-g7f6-jj92-wc77",
  "modified": "2024-10-08T15:32:46Z",
  "published": "2024-10-03T21:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41594"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/draybreak-draytek-research"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/resources/draytek14-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G862-3PQW-C5WX

Vulnerability from github – Published: 2023-08-04 00:30 – Updated: 2024-04-04 06:32
VLAI
Details

Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions 01.49.000 and prior, GS21 model versions 01.49.000 and prior, GT Designer3 Version1 (GOT2000) versions 1.295H and prior and GT SoftGOT2000 versions 1.295H and prior allows a remote unauthenticated attacker to obtain plaintext passwords by sniffing packets containing encrypted passwords and decrypting the encrypted passwords, in the case of transferring data with GT Designer3 Version1(GOT2000) and GOT2000 Series or GOT SIMPLE Series with the Data Transfer Security function enabled, or in the case of transferring data by the SoftGOT-GOT link function with GT SoftGOT2000 and GOT2000 series with the Data Transfer Security function enabled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-0525"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-261",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-04T00:15:10Z",
    "severity": "HIGH"
  },
  "details": "Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.49.000 and prior, GT25 model versions 01.49.000 and prior, GT23 model versions 01.49.000 and prior, GT21 model versions 01.49.000 and prior, GOT SIMPLE Series GS25 model versions 01.49.000 and prior, GS21 model versions 01.49.000 and prior, GT Designer3 Version1 (GOT2000) versions 1.295H and prior and GT SoftGOT2000 versions 1.295H and prior allows a remote unauthenticated attacker to obtain plaintext passwords by sniffing packets containing encrypted passwords and decrypting the encrypted passwords, in the case of transferring data with GT Designer3 Version1(GOT2000) and GOT2000 Series or GOT SIMPLE Series with the Data Transfer Security function enabled, or in the case of transferring data by the SoftGOT-GOT link function with GT SoftGOT2000 and GOT2000 series with the Data Transfer Security function enabled.",
  "id": "GHSA-g862-3pqw-c5wx",
  "modified": "2024-04-04T06:32:49Z",
  "published": "2023-08-04T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0525"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU95285923/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-02"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-008_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.