CWE-326
Allowed-with-ReviewInadequate Encryption Strength
Abstraction: Class · Status: Draft
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
631 vulnerabilities reference this CWE, most recent first.
GHSA-X6C6-RQQC-C89M
Vulnerability from github – Published: 2022-05-24 22:33 – Updated: 2022-05-24 22:33Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration. Note that the ftps-extensions option is not enabled by default.
{
"affected": [],
"aliases": [
"CVE-2015-5361"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-28T23:15:00Z",
"severity": "MODERATE"
},
"details": "Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.\u200b Note that the ftps-extensions option is not enabled by default.",
"id": "GHSA-x6c6-rqqc-c89m",
"modified": "2022-05-24T22:33:54Z",
"published": "2022-05-24T22:33:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5361"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10706"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X6H3-HHV5-VWVJ
Vulnerability from github – Published: 2023-09-27 18:30 – Updated: 2024-04-04 07:56Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.
{
"affected": [],
"aliases": [
"CVE-2023-4129"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-27T16:21:35Z",
"severity": "HIGH"
},
"details": "\nDell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.\n\n",
"id": "GHSA-x6h3-hhv5-vwvj",
"modified": "2024-04-04T07:56:04Z",
"published": "2023-09-27T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4129"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000218045/dsa-2023-346-security-update-for-dell-data-protection-central"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X79H-858P-3WF4
Vulnerability from github – Published: 2024-03-06 12:30 – Updated: 2024-03-06 12:30This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system.
Successful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.
{
"affected": [],
"aliases": [
"CVE-2024-1224"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-06T12:15:45Z",
"severity": "HIGH"
},
"details": "This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.\n",
"id": "GHSA-x79h-858p-3wf4",
"modified": "2024-03-06T12:30:28Z",
"published": "2024-03-06T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1224"
},
{
"type": "WEB",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0080"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-X829-M68R-85MM
Vulnerability from github – Published: 2024-09-25 15:31 – Updated: 2024-10-01 21:31OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
{
"affected": [],
"aliases": [
"CVE-2024-22892"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-25T15:15:13Z",
"severity": "HIGH"
},
"details": "OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.",
"id": "GHSA-x829-m68r-85mm",
"modified": "2024-10-01T21:31:33Z",
"published": "2024-09-25T15:31:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22892"
},
{
"type": "WEB",
"url": "https://gist.github.com/mdickopp/0cab0d7f91b1f4ea0d326dd976db70e5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X8J8-PWR7-FRJW
Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-07-13 00:01Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
{
"affected": [],
"aliases": [
"CVE-2021-39272"
],
"database_specific": {
"cwe_ids": [
"CWE-319",
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-30T06:15:00Z",
"severity": "MODERATE"
},
"details": "Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.",
"id": "GHSA-x8j8-pwr7-frjw",
"modified": "2022-07-13T00:01:36Z",
"published": "2022-05-24T19:12:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39272"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XJ6XLEJCEZCAM5LGGD6XBCC522QLG4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXMKSEHAQSEDCWZMAOJEGX3P3JW6QY6H"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYCYLL73NP7ALJWSDICIVSA47ZIXWSSA"
},
{
"type": "WEB",
"url": "https://nostarttls.secvuln.info"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202209-14"
},
{
"type": "WEB",
"url": "https://www.fetchmail.info/security.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/08/27/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X98F-R46F-9W75
Vulnerability from github – Published: 2023-11-27 21:30 – Updated: 2023-12-04 18:30An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.
{
"affected": [],
"aliases": [
"CVE-2023-48034"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-27T21:15:07Z",
"severity": "MODERATE"
},
"details": "An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.",
"id": "GHSA-x98f-r46f-9w75",
"modified": "2023-12-04T18:30:32Z",
"published": "2023-11-27T21:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48034"
},
{
"type": "WEB",
"url": "https://github.com/aprkr/CVE-2023-48034"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-X9RV-VWW8-VMJ9
Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2022-05-02 03:35neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
{
"affected": [],
"aliases": [
"CVE-2009-2474"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-08-21T17:30:00Z",
"severity": "MODERATE"
},
"details": "neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
"id": "GHSA-x9rv-vww8-vmj9",
"modified": "2022-05-02T03:35:36Z",
"published": "2022-05-02T03:35:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2474"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11721"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00924.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00945.html"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html"
},
{
"type": "WEB",
"url": "http://lists.manyfish.co.uk/pipermail/neon/2009-August/001046.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36371"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36799"
},
{
"type": "WEB",
"url": "http://support.apple.com/kb/HT4435"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:221"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/36079"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-835-1"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2341"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-X9WR-745J-RM5J
Vulnerability from github – Published: 2024-08-28 09:30 – Updated: 2024-09-12 18:31Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1
{
"affected": [],
"aliases": [
"CVE-2021-38121"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-28T07:15:07Z",
"severity": "HIGH"
},
"details": "Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.\u00a0 This issue affects NetIQ Advance Authentication versions before 6.3.5.1",
"id": "GHSA-x9wr-745j-rm5j",
"modified": "2024-09-12T18:31:39Z",
"published": "2024-08-28T09:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38121"
},
{
"type": "WEB",
"url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-XC56-2WGW-3623
Vulnerability from github – Published: 2022-04-30 18:22 – Updated: 2024-02-14 18:30Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.
{
"affected": [],
"aliases": [
"CVE-2002-1910"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2002-12-31T05:00:00Z",
"severity": "MODERATE"
},
"details": "Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.",
"id": "GHSA-xc56-2wgw-3623",
"modified": "2024-02-14T18:30:23Z",
"published": "2022-04-30T18:22:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1910"
},
{
"type": "WEB",
"url": "http://online.securityfocus.com/archive/1/295309"
},
{
"type": "WEB",
"url": "http://www.iss.net/security_center/static/10389.php"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/5970"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XFJ2-8V99-WP6X
Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2024-04-04 02:50A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server.
{
"affected": [],
"aliases": [
"CVE-2019-19101"
],
"database_specific": {
"cwe_ids": [
"CWE-295",
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-29T03:15:00Z",
"severity": "MODERATE"
},
"details": "A missing secure communication definition and an incomplete TLS validation in the upgrade service in B\u0026R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, \u003c 4.3.11SP, \u003c 4.4.9SP, \u003c 4.5.5SP, \u003c 4.6.4 and \u003c 4.7.2 enable unauthenticated users to perform MITM attacks via the B\u0026R upgrade server.",
"id": "GHSA-xfj2-8v99-wp6x",
"modified": "2024-04-04T02:50:24Z",
"published": "2022-05-24T17:16:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19101"
},
{
"type": "WEB",
"url": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Use an encryption scheme that is currently considered to be strong by experts in the field.
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-192: Protocol Analysis
An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.
CAPEC-20: Encryption Brute Forcing
An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.