CWE-326
Allowed-with-ReviewInadequate Encryption Strength
Abstraction: Class · Status: Draft
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
631 vulnerabilities reference this CWE, most recent first.
GHSA-R59G-26CW-MXWR
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode).
{
"affected": [],
"aliases": [
"CVE-2017-2399"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-02T01:59:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the \"Pasteboard\" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode).",
"id": "GHSA-r59g-26cw-mxwr",
"modified": "2022-05-13T01:44:48Z",
"published": "2022-05-13T01:44:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2399"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207617"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97138"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038139"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R82W-3PHG-QVR4
Vulnerability from github – Published: 2024-06-18 21:30 – Updated: 2024-06-27 03:30A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "4.4.0-beta"
},
{
"fixed": "4.4.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "4.3.0-beta"
},
{
"fixed": "4.3.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0-beta"
},
{
"fixed": "4.2.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-38277"
],
"database_specific": {
"cwe_ids": [
"CWE-324",
"CWE-326"
],
"github_reviewed": true,
"github_reviewed_at": "2024-06-18T22:45:45Z",
"nvd_published_at": "2024-06-18T20:15:14Z",
"severity": "MODERATE"
},
"details": "A unique key should be generated for a user\u0027s QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.",
"id": "GHSA-r82w-3phg-qvr4",
"modified": "2024-06-27T03:30:55Z",
"published": "2024-06-18T21:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38277"
},
{
"type": "WEB",
"url": "https://github.com/moodle/moodle/commit/0caedaab7cd5a46331d56654ce9301b0a5a04c56"
},
{
"type": "WEB",
"url": "https://github.com/moodle/moodle/commit/1aea4a15281d81f2414a95aa485b8a6551708f57"
},
{
"type": "WEB",
"url": "https://github.com/moodle/moodle/commit/ad46a97f5355f0451d52e9f1a0f528d9a6f12e06"
},
{
"type": "WEB",
"url": "https://github.com/moodle/moodle/commit/d05795db8eece2943241a29a5443fb4685ba6070"
},
{
"type": "PACKAGE",
"url": "https://github.com/moodle/moodle"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E"
},
{
"type": "WEB",
"url": "https://moodle.org/mod/forum/discuss.php?d=459502"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Moodle uses the same key for QR login and auto-login"
}
GHSA-R853-96WW-64GR
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-05-24 19:18InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session.
{
"affected": [],
"aliases": [
"CVE-2021-38464"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-19T13:15:00Z",
"severity": "HIGH"
},
"details": "InHand Networks IR615 Router\u0027s Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption strength, which may allow an attacker to intercept the communication and steal sensitive information or hijack the session.",
"id": "GHSA-r853-96ww-64gr",
"modified": "2022-05-24T19:18:02Z",
"published": "2022-05-24T19:18:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38464"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R86Q-XWFJ-WHPP
Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2022-05-24 16:49The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.
{
"affected": [],
"aliases": [
"CVE-2019-10639"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-05T23:15:00Z",
"severity": "HIGH"
},
"details": "The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker\u0027s web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.",
"id": "GHSA-r86q-xwfj-whpp",
"modified": "2022-05-24T16:49:41Z",
"published": "2022-05-24T16:49:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10639"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92"
},
{
"type": "WEB",
"url": "https://arxiv.org/pdf/1906.10478.pdf"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/18"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190806-0001"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K32804955"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K32804955?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4115-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4118-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4497"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R8WH-8J3R-H3QR
Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2023-08-08 15:31The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.
{
"affected": [],
"aliases": [
"CVE-2021-31797"
],
"database_specific": {
"cwe_ids": [
"CWE-326",
"CWE-362"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-02T00:15:00Z",
"severity": "MODERATE"
},
"details": "The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.",
"id": "GHSA-r8wh-8j3r-h3qr",
"modified": "2023-08-08T15:31:20Z",
"published": "2022-05-24T19:12:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31797"
},
{
"type": "WEB",
"url": "https://korelogic.com/Resources/Advisories/KL-001-2021-009.txt"
},
{
"type": "WEB",
"url": "https://www.cyberark.com/resources/blog"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/164033/CyberArk-Credential-Provider-Race-Condition-Authorization-Bypass.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/Sep/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R9Q2-3R6X-QMGP
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-07-01 18:29Jenkins before versions 2.44 and 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304).
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.32.1"
},
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.main:jenkins-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.32.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.43"
},
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.main:jenkins-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.34"
},
{
"fixed": "2.44"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-2598"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-01T18:29:06Z",
"nvd_published_at": "2018-05-23T13:29:00Z",
"severity": "MODERATE"
},
"details": "Jenkins before versions 2.44 and 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304).",
"id": "GHSA-r9q2-3r6x-qmgp",
"modified": "2022-07-01T18:29:06Z",
"published": "2022-05-13T01:36:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2598"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/jenkins/commit/e6aa166246d1734f4798a9e31f78842f4c85c28b"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2598"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/jenkins"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2017-02-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Inadequate Encryption Strength in Jenkins"
}
GHSA-RC52-2QP6-XMFF
Vulnerability from github – Published: 2025-01-20 21:30 – Updated: 2025-01-21 21:30Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3
{
"affected": [],
"aliases": [
"CVE-2024-13454"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-20T21:15:21Z",
"severity": "MODERATE"
},
"details": "Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3",
"id": "GHSA-rc52-2qp6-xmff",
"modified": "2025-01-21T21:30:51Z",
"published": "2025-01-20T21:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13454"
},
{
"type": "WEB",
"url": "https://community.openvpn.net/openvpn/wiki/CVE-2024-13454"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-RF4W-VF8X-X7XX
Vulnerability from github – Published: 2023-07-06 21:14 – Updated: 2024-04-04 05:42Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.
{
"affected": [],
"aliases": [
"CVE-2023-2443"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-11T19:15:09Z",
"severity": "HIGH"
},
"details": "\nRockwell Automation ThinManager product allows the use of medium strength ciphers. \u00a0If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.\n\n",
"id": "GHSA-rf4w-vf8x-x7xx",
"modified": "2024-04-04T05:42:34Z",
"published": "2023-07-06T21:14:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2443"
},
{
"type": "WEB",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139442"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RFW9-2G35-8X3Q
Vulnerability from github – Published: 2025-07-08 18:31 – Updated: 2025-07-08 18:31Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
{
"affected": [],
"aliases": [
"CVE-2025-48823"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T17:15:47Z",
"severity": "MODERATE"
},
"details": "Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.",
"id": "GHSA-rfw9-2g35-8x3q",
"modified": "2025-07-08T18:31:46Z",
"published": "2025-07-08T18:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48823"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48823"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-RG22-25WR-X484
Vulnerability from github – Published: 2022-05-14 03:21 – Updated: 2022-05-14 03:21IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.
{
"affected": [],
"aliases": [
"CVE-2017-1701"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-23T13:29:00Z",
"severity": "HIGH"
},
"details": "IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 134393.",
"id": "GHSA-rg22-25wr-x484",
"modified": "2022-05-14T03:21:41Z",
"published": "2022-05-14T03:21:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1701"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134393"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22015454"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Use an encryption scheme that is currently considered to be strong by experts in the field.
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-192: Protocol Analysis
An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.
CAPEC-20: Encryption Brute Forcing
An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.