Common Weakness Enumeration

CWE-326

Allowed-with-Review

Inadequate Encryption Strength

Abstraction: Class · Status: Draft

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

631 vulnerabilities reference this CWE, most recent first.

GHSA-X6C6-RQQC-C89M

Vulnerability from github – Published: 2022-05-24 22:33 – Updated: 2022-05-24 22:33
VLAI
Details

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.​ Note that the ftps-extensions option is not enabled by default.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-5361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-28T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.\u200b Note that the ftps-extensions option is not enabled by default.",
  "id": "GHSA-x6c6-rqqc-c89m",
  "modified": "2022-05-24T22:33:54Z",
  "published": "2022-05-24T22:33:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5361"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10706"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X6H3-HHV5-VWVJ

Vulnerability from github – Published: 2023-09-27 18:30 – Updated: 2024-04-04 07:56
VLAI
Details

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T16:21:35Z",
    "severity": "HIGH"
  },
  "details": "\nDell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.\n\n",
  "id": "GHSA-x6h3-hhv5-vwvj",
  "modified": "2024-04-04T07:56:04Z",
  "published": "2023-09-27T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4129"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000218045/dsa-2023-346-security-update-for-dell-data-protection-central"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X79H-858P-3WF4

Vulnerability from github – Published: 2024-03-06 12:30 – Updated: 2024-03-06 12:30
VLAI
Details

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system.

Successful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-1224"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-06T12:15:45Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.\n",
  "id": "GHSA-x79h-858p-3wf4",
  "modified": "2024-03-06T12:30:28Z",
  "published": "2024-03-06T12:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1224"
    },
    {
      "type": "WEB",
      "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0080"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X829-M68R-85MM

Vulnerability from github – Published: 2024-09-25 15:31 – Updated: 2024-10-01 21:31
VLAI
Details

OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-22892"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-25T15:15:13Z",
    "severity": "HIGH"
  },
  "details": "OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.",
  "id": "GHSA-x829-m68r-85mm",
  "modified": "2024-10-01T21:31:33Z",
  "published": "2024-09-25T15:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22892"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/mdickopp/0cab0d7f91b1f4ea0d326dd976db70e5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X8J8-PWR7-FRJW

Vulnerability from github – Published: 2022-05-24 19:12 – Updated: 2022-07-13 00:01
VLAI
Details

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39272"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-319",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-30T06:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.",
  "id": "GHSA-x8j8-pwr7-frjw",
  "modified": "2022-07-13T00:01:36Z",
  "published": "2022-05-24T19:12:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39272"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XJ6XLEJCEZCAM5LGGD6XBCC522QLG4"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXMKSEHAQSEDCWZMAOJEGX3P3JW6QY6H"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYCYLL73NP7ALJWSDICIVSA47ZIXWSSA"
    },
    {
      "type": "WEB",
      "url": "https://nostarttls.secvuln.info"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202209-14"
    },
    {
      "type": "WEB",
      "url": "https://www.fetchmail.info/security.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/08/27/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X98F-R46F-9W75

Vulnerability from github – Published: 2023-11-27 21:30 – Updated: 2023-12-04 18:30
VLAI
Details

An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-48034"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-27T21:15:07Z",
    "severity": "MODERATE"
  },
  "details": "An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.",
  "id": "GHSA-x98f-r46f-9w75",
  "modified": "2023-12-04T18:30:32Z",
  "published": "2023-11-27T21:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48034"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aprkr/CVE-2023-48034"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X9RV-VWW8-VMJ9

Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2022-05-02 03:35
VLAI
Details

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-2474"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-08-21T17:30:00Z",
    "severity": "MODERATE"
  },
  "details": "neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
  "id": "GHSA-x9rv-vww8-vmj9",
  "modified": "2022-05-02T03:35:36Z",
  "published": "2022-05-02T03:35:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2474"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11721"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00924.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00945.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.manyfish.co.uk/pipermail/neon/2009-August/001044.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.manyfish.co.uk/pipermail/neon/2009-August/001046.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36371"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36799"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:221"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36079"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-835-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2341"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-X9WR-745J-RM5J

Vulnerability from github – Published: 2024-08-28 09:30 – Updated: 2024-09-12 18:31
VLAI
Details

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-38121"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-28T07:15:07Z",
    "severity": "HIGH"
  },
  "details": "Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.\u00a0 This issue affects NetIQ Advance Authentication versions before 6.3.5.1",
  "id": "GHSA-x9wr-745j-rm5j",
  "modified": "2024-09-12T18:31:39Z",
  "published": "2024-08-28T09:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38121"
    },
    {
      "type": "WEB",
      "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XC56-2WGW-3623

Vulnerability from github – Published: 2022-04-30 18:22 – Updated: 2024-02-14 18:30
VLAI
Details

Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2002-1910"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.",
  "id": "GHSA-xc56-2wgw-3623",
  "modified": "2024-02-14T18:30:23Z",
  "published": "2022-04-30T18:22:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1910"
    },
    {
      "type": "WEB",
      "url": "http://online.securityfocus.com/archive/1/295309"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/10389.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/5970"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XFJ2-8V99-WP6X

Vulnerability from github – Published: 2022-05-24 17:16 – Updated: 2024-04-04 02:50
VLAI
Details

A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.5SP, < 4.6.4 and < 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19101"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-326"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-04-29T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A missing secure communication definition and an incomplete TLS validation in the upgrade service in B\u0026R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, \u003c 4.3.11SP, \u003c 4.4.9SP, \u003c 4.5.5SP, \u003c 4.6.4 and \u003c 4.7.2 enable unauthenticated users to perform MITM attacks via the B\u0026R upgrade server.",
  "id": "GHSA-xfj2-8v99-wp6x",
  "modified": "2024-04-04T02:50:24Z",
  "published": "2022-05-24T17:16:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19101"
    },
    {
      "type": "WEB",
      "url": "https://www.br-automation.com/en/downloads/032020-multiple-vulnerabilities-in-automation-studio"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Use an encryption scheme that is currently considered to be strong by experts in the field.

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-192: Protocol Analysis

An adversary engages in activities to decipher and/or decode protocol information for a network or application communication protocol used for transmitting information between interconnected nodes or systems on a packet-switched data network. While this type of analysis involves the analysis of a networking protocol inherently, it does not require the presence of an actual or physical network.

CAPEC-20: Encryption Brute Forcing

An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key that decrypts the cipher text to obtain the plaintext.