CWE-326
Allowed-with-ReviewInadequate Encryption Strength
Abstraction: Class · Status: Draft
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
631 vulnerabilities reference this CWE, most recent first.
GHSA-WH9W-PC8Q-W744
Vulnerability from github – Published: 2022-05-24 17:28 – Updated: 2022-05-24 17:28In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153450752References: N/A
{
"affected": [],
"aliases": [
"CVE-2020-0407"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-09-17T16:15:00Z",
"severity": "MODERATE"
},
"details": "In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus weakened disk encryption. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153450752References: N/A",
"id": "GHSA-wh9w-pc8q-w744",
"modified": "2022-05-24T17:28:49Z",
"published": "2022-05-24T17:28:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0407"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2020-09-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WJ23-CPP8-Q2WC
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.
{
"affected": [],
"aliases": [
"CVE-2016-3019"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-07T17:29:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.",
"id": "GHSA-wj23-cpp8-q2wc",
"modified": "2022-05-13T01:14:03Z",
"published": "2022-05-13T01:14:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3019"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/114462"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988419"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98832"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038616"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WM3Q-JWQR-F6R7
Vulnerability from github – Published: 2023-11-09 15:30 – Updated: 2023-11-20 18:30The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims.
{
"affected": [],
"aliases": [
"CVE-2023-47373"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-09T15:15:09Z",
"severity": "MODERATE"
},
"details": "The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims.",
"id": "GHSA-wm3q-jwqr-f6r7",
"modified": "2023-11-20T18:30:46Z",
"published": "2023-11-09T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47373"
},
{
"type": "WEB",
"url": "https://github.com/syz913/CVE-reports/blob/main/DRAGON%20FAMILY.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WMXW-5JH4-P3J8
Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users.
{
"affected": [],
"aliases": [
"CVE-2019-10907"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-07T14:29:00Z",
"severity": "CRITICAL"
},
"details": "Airsonic 10.2.1 uses Spring\u0027s default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users.",
"id": "GHSA-wmxw-5jh4-p3j8",
"modified": "2022-05-13T01:21:57Z",
"published": "2022-05-13T01:21:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10907"
},
{
"type": "WEB",
"url": "https://github.com/airsonic/airsonic/commit/3e07ea52885f88d3fbec444dfd592f27bfb65647"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WP37-JVQQ-RRMF
Vulnerability from github – Published: 2022-04-30 18:21 – Updated: 2024-02-14 18:30Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.
{
"affected": [],
"aliases": [
"CVE-2002-1739"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2002-12-31T05:00:00Z",
"severity": "LOW"
},
"details": "Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.",
"id": "GHSA-wp37-jvqq-rrmf",
"modified": "2024-02-14T18:30:22Z",
"published": "2022-04-30T18:21:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1739"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9025"
},
{
"type": "WEB",
"url": "http://online.securityfocus.com/archive/1/271374"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/4686"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WP56-RP8W-8P9W
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.
{
"affected": [],
"aliases": [
"CVE-2017-9645"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-20T16:29:00Z",
"severity": "MODERATE"
},
"details": "An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). Decryption of data is possible at the hardware level.",
"id": "GHSA-wp56-rp8w-8p9w",
"modified": "2022-05-13T01:36:07Z",
"published": "2022-05-13T01:36:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9645"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-208-02"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WQ95-V39H-77G7
Vulnerability from github – Published: 2022-05-14 02:12 – Updated: 2022-05-14 02:12An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher.
{
"affected": [],
"aliases": [
"CVE-2016-4693"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-20T08:59:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Security\" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher.",
"id": "GHSA-wq95-v39h-77g7",
"modified": "2022-05-14T02:12:44Z",
"published": "2022-05-14T02:12:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4693"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207422"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207423"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT207487"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037469"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WQX4-CGQQ-CPGW
Vulnerability from github – Published: 2025-07-03 12:34 – Updated: 2025-07-03 12:34The hard drives of the device are not encrypted using a full volume encryption feature such as BitLocker. This allows an attacker with physical access to the device to use an alternative operating system to interact with the hard drives, completely circumventing the Windows login. The attacker can read from and write to all files on the hard drives.
{
"affected": [],
"aliases": [
"CVE-2025-27460"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-03T12:15:24Z",
"severity": "HIGH"
},
"details": "The hard drives of the device are not encrypted using a full volume encryption feature such as BitLocker. This allows an attacker with physical access to the device to use an alternative operating system to interact with the hard drives, completely circumventing the Windows login. The attacker can read from and write to all files on the hard drives.",
"id": "GHSA-wqx4-cgqq-cpgw",
"modified": "2025-07-03T12:34:58Z",
"published": "2025-07-03T12:34:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27460"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"type": "WEB",
"url": "https://www.endress.com"
},
{
"type": "WEB",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.json"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WR6F-49RM-HX88
Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2022-05-24 16:49In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
{
"affected": [],
"aliases": [
"CVE-2019-10638"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-05T23:15:00Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.",
"id": "GHSA-wr6f-49rm-hx88",
"modified": "2022-05-24T16:49:41Z",
"published": "2022-05-24T16:49:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10638"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/55f0fc7a02de8f12757f4937143d8d5091b2e40b"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/df453700e8d81b1bdafdf684365ee2b9431fb702"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4497"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4495"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4118-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4117-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4116-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4115-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4114-1"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190806-0001"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Nov/11"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/18"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/13"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html"
},
{
"type": "WEB",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df453700e8d81b1bdafdf684365ee2b9431fb702"
},
{
"type": "WEB",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.7"
},
{
"type": "WEB",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8"
},
{
"type": "WEB",
"url": "https://arxiv.org/pdf/1906.10478.pdf"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3517"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/109092"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WRGV-JMFR-C4GR
Vulnerability from github – Published: 2026-02-17 21:31 – Updated: 2026-02-17 21:31IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
{
"affected": [],
"aliases": [
"CVE-2025-36379"
],
"database_specific": {
"cwe_ids": [
"CWE-326"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-17T21:22:15Z",
"severity": "MODERATE"
},
"details": "IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.",
"id": "GHSA-wrgv-jmfr-c4gr",
"modified": "2026-02-17T21:31:14Z",
"published": "2026-02-17T21:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36379"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7260390"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Use an encryption scheme that is currently considered to be strong by experts in the field.
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-192: Protocol Analysis
An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.
CAPEC-20: Encryption Brute Forcing
An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.