Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-5P58-MVCX-MJX5

Vulnerability from github – Published: 2022-05-13 01:33 – Updated: 2022-05-13 01:33
VLAI
Details

IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-1593"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-02T15:29:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.",
  "id": "GHSA-5p58-mvcx-mjx5",
  "modified": "2022-05-13T01:33:05Z",
  "published": "2022-05-13T01:33:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1593"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143568"
    },
    {
      "type": "WEB",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg22016681"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5RJW-V9CX-F327

Vulnerability from github – Published: 2022-04-30 18:21 – Updated: 2024-02-14 18:30
VLAI
Details

NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2002-1682"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "LOW"
  },
  "details": "NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users\u0027 newsgroup accounts.",
  "id": "GHSA-5rjw-v9cx-f327",
  "modified": "2024-02-14T18:30:21Z",
  "published": "2022-04-30T18:21:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1682"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7968"
    },
    {
      "type": "WEB",
      "url": "http://www.securiteam.com/windowsntfocus/5SP0P0K60C.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/3927"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5V9J-FR4G-CG7X

Vulnerability from github – Published: 2022-05-17 00:22 – Updated: 2022-05-17 00:22
VLAI
Details

Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-14797"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-01T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network.",
  "id": "GHSA-5v9j-fr4g-cg7x",
  "modified": "2022-05-17T00:22:31Z",
  "published": "2022-05-17T00:22:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14797"
    },
    {
      "type": "WEB",
      "url": "https://www.tiferrei.com/philips-we-need-to-talk"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-63GH-HJ5G-65R3

Vulnerability from github – Published: 2023-01-18 00:30 – Updated: 2023-01-25 15:30
VLAI
Details

An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38469"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-261",
      "CWE-326",
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-18T00:15:00Z",
    "severity": "HIGH"
  },
  "details": "An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.",
  "id": "GHSA-63gh-hj5g-65r3",
  "modified": "2023-01-25T15:30:59Z",
  "published": "2023-01-18T00:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38469"
    },
    {
      "type": "WEB",
      "url": "https://digitalsupport.ge.com/s/article/GE-Digital-Product-Security-Advisory-GED-23-01"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-63V4-64X6-H6C2

Vulnerability from github – Published: 2022-05-14 02:45 – Updated: 2022-05-14 02:45
VLAI
Details

Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-15124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-13T21:48:00Z",
    "severity": "CRITICAL"
  },
  "details": "Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.",
  "id": "GHSA-63v4-64x6-h6c2",
  "modified": "2022-05-14T02:45:30Z",
  "published": "2022-05-14T02:45:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15124"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/08/klcert-18-004-zipato-zipabox-weak-hash-algorithm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-63X5-2522-M5F9

Vulnerability from github – Published: 2023-05-10 18:30 – Updated: 2024-04-04 04:01
VLAI
Details

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-30351"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326",
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-10T16:15:11Z",
    "severity": "HIGH"
  },
  "details": "Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials.",
  "id": "GHSA-63x5-2522-m5f9",
  "modified": "2024-04-04T04:01:11Z",
  "published": "2023-05-10T18:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30351"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_PRA.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_RRA.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6488-G94H-5JH6

Vulnerability from github – Published: 2023-04-11 12:30 – Updated: 2023-04-11 12:30
VLAI
Details

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.

This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29054"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-11T10:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT PRO (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT PRO (All versions \u003c V5.5.2), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT PRO (All versions \u003c V5.5.2), SCALANCE XF201-3P IRT (All versions \u003c V5.5.2), SCALANCE XF202-2P IRT (All versions \u003c V5.5.2), SCALANCE XF204-2BA IRT (All versions \u003c V5.5.2), SCALANCE XF204IRT (All versions \u003c V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions \u003c V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.\n\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data\npassed over the connection between legitimate clients and the affected device.",
  "id": "GHSA-6488-g94h-5jh6",
  "modified": "2023-04-11T12:30:25Z",
  "published": "2023-04-11T12:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29054"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6528-WVF6-F6QG

Vulnerability from github – Published: 2018-07-12 20:29 – Updated: 2024-10-18 21:58
VLAI
Summary
Pycrypto generates weak key parameters
Details

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pycrypto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-6594"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:18:02Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto\u0027s ElGamal implementation.",
  "id": "GHSA-6528-wvf6-f6qg",
  "modified": "2024-10-18T21:58:31Z",
  "published": "2018-07-12T20:29:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6594"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dlitz/pycrypto/issues/253"
    },
    {
      "type": "WEB",
      "url": "https://github.com/TElgamal/attack-on-pycrypto-elgamal"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-6528-wvf6-f6qg"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dlitz/pycrypto"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pycrypto/PYSEC-2018-97.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202007-62"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3616-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3616-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Pycrypto generates weak key parameters"
}

GHSA-65JW-CRRG-PJJ9

Vulnerability from github – Published: 2022-05-17 02:34 – Updated: 2022-05-17 02:34
VLAI
Details

IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-1319"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-08T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.",
  "id": "GHSA-65jw-crrg-pjj9",
  "modified": "2022-05-17T02:34:57Z",
  "published": "2022-05-17T02:34:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1319"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125731"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg22002871"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038504"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-65V8-8343-JCQR

Vulnerability from github – Published: 2021-12-07 00:00 – Updated: 2022-07-13 00:01
VLAI
Details

Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database's encrypted content

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22170"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-06T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some of the database\u0027s encrypted content",
  "id": "GHSA-65v8-8343-jcqr",
  "modified": "2022-07-13T00:01:08Z",
  "published": "2021-12-07T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22170"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22170.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/36855"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.