Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-JV6M-3W7G-PV7C

Vulnerability from github – Published: 2022-05-17 01:58 – Updated: 2022-05-17 01:58
VLAI
Details

In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-9975"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-18T18:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.",
  "id": "GHSA-jv6m-3w7g-pv7c",
  "modified": "2022-05-17T01:58:18Z",
  "published": "2022-05-17T01:58:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9975"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2017-07-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99467"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JX7G-G4HJ-4C6W

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2023-08-08 15:31
VLAI
Details

usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-27885"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-02T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.",
  "id": "GHSA-jx7g-g4hj-4c6w",
  "modified": "2023-08-08T15:31:16Z",
  "published": "2022-05-24T17:43:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27885"
    },
    {
      "type": "WEB",
      "url": "https://github.com/e107inc/e107/commit/d9efdb9b5f424b4996c276e754a380a5e251f472"
    },
    {
      "type": "WEB",
      "url": "https://github.com/e107inc/e107/releases"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/161651/e107-CMS-2.3.0-Cross-Site-Request-Forgery.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M25V-4656-G8PC

Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-07-13 00:01
VLAI
Details

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31615"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-25T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.",
  "id": "GHSA-m25v-4656-g8pc",
  "modified": "2022-07-13T00:01:24Z",
  "published": "2022-05-24T19:06:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31615"
    },
    {
      "type": "WEB",
      "url": "https://bluetooth.com"
    },
    {
      "type": "WEB",
      "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/injectable"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M34X-WH4M-W7Q3

Vulnerability from github – Published: 2024-04-17 21:30 – Updated: 2025-02-04 18:30
VLAI
Details

The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-17T19:15:07Z",
    "severity": "HIGH"
  },
  "details": "The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash.\nThe vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.",
  "id": "GHSA-m34x-wh4m-w7q3",
  "modified": "2025-02-04T18:30:43Z",
  "published": "2024-04-17T21:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29950"
    },
    {
      "type": "WEB",
      "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23236"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M4FC-4F5M-5HHW

Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-05-24 19:02
VLAI
Details

The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27208"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-21T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 \u0026 Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.",
  "id": "GHSA-m4fc-4f5m-5hhw",
  "modified": "2022-05-24T19:02:58Z",
  "published": "2022-05-24T19:02:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27208"
    },
    {
      "type": "WEB",
      "url": "https://github.com/solokeys/solo/commit/a9c02cd354f34b48195a342c7f524abdef5cbcec"
    },
    {
      "type": "WEB",
      "url": "https://eprint.iacr.org/2021/640"
    },
    {
      "type": "WEB",
      "url": "https://solokeys.com"
    },
    {
      "type": "WEB",
      "url": "https://twitter.com/SoloKeysSec"
    },
    {
      "type": "WEB",
      "url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
    },
    {
      "type": "WEB",
      "url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M4V4-RJG3-FM2H

Vulnerability from github – Published: 2023-11-09 15:30 – Updated: 2023-11-20 18:30
VLAI
Details

The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47366"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-09T14:15:08Z",
    "severity": "MODERATE"
  },
  "details": "The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims.",
  "id": "GHSA-m4v4-rjg3-fm2h",
  "modified": "2023-11-20T18:30:45Z",
  "published": "2023-11-09T15:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47366"
    },
    {
      "type": "WEB",
      "url": "https://github.com/syz913/CVE-reports/blob/main/craft_members.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M54W-MHP6-X65M

Vulnerability from github – Published: 2024-08-12 15:30 – Updated: 2025-12-19 15:31
VLAI
Details

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5800"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-12T13:38:38Z",
    "severity": "HIGH"
  },
  "details": "Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B\u0026R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication.",
  "id": "GHSA-m54w-mhp6-x65m",
  "modified": "2025-12-19T15:31:16Z",
  "published": "2024-08-12T15:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5800"
    },
    {
      "type": "WEB",
      "url": "https://www.br-automation.com/fileadmin/SA24P011-d8aaf02f.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-M59F-Q3CW-8CFH

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-07-13 00:01
VLAI
Details

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-41829"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-30T03:15:00Z",
    "severity": "HIGH"
  },
  "details": "Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application\u0027s build number to calculate a certain encryption key.",
  "id": "GHSA-m59f-q3cw-8cfh",
  "modified": "2022-07-13T00:01:41Z",
  "published": "2022-05-24T19:16:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41829"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/nestedif/vulnerability-disclosure-statically-derived-encryption-key-zoho-r-a-p-907088263197"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com/remote-desktop-management/hotfix-readme.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M5XH-JXQ3-G8GC

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2022-05-13 01:09
VLAI
Details

An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-17177"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-09-18T18:29:00Z",
    "severity": "LOW"
  },
  "details": "An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called \"black box\" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary.",
  "id": "GHSA-m5xh-jxq3-g8gc",
  "modified": "2022-05-13T01:09:16Z",
  "published": "2022-05-13T01:09:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17177"
    },
    {
      "type": "WEB",
      "url": "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M88Q-F722-M6X3

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-07-13 00:01
VLAI
Details

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 200258.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-29694"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-26T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 200258.",
  "id": "GHSA-m88q-f722-m6x3",
  "modified": "2022-07-13T00:01:17Z",
  "published": "2022-05-24T17:48:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29694"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/200258"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6445735"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.