CWE-327— Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.— MITRE CWE catalog
688 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-327page 7 of 14
- CVE-2021-39082HIGHCVSS 7.5EG 7.52022-04-29
IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
- CVE-2021-39182HIGHCVSS 7.5EG 7.52021-11-08
EnroCrypt is a Python module for encryption and hashing. Prior to version 1.1.4, EnroCrypt used the MD5 hashing algorithm in the hashing file. Beginners who are unfamiliar with hashes can face problems as MD5 is considered an insecure hash…
- CVE-2021-3979MEDIUMCVSS 6.5EG 6.52022-08-25
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confide…
- CVE-2021-40006MEDIUMCVSS 4.6EG 4.62022-01-10
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2021-40528MEDIUMCVSS 5.9EG 5.92021-09-06
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generato…
- CVE-2021-40529MEDIUMCVSS 5.9EG 5.92021-09-06
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined …
- CVE-2021-40530MEDIUMCVSS 5.9EG 5.92021-09-06
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator …
- CVE-2021-41096HIGHCVSS 7.5EG 7.52021-09-27
Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 and earlier for release builds and versions 425 and earlier for nightly builds suffer from use of a weak cryptographic algorithm (RSA/ECB/PKCS1Padding). The issue will be…
- CVE-2021-41168MEDIUMCVSS 6.5EG 6.52021-10-21
Snudown is a reddit-specific fork of the Sundown Markdown parser used by GitHub, with Python integration added. In affected versions snudown was found to be vulnerable to denial of service attacks to its reference table implementation. Ref…
- CVE-2021-41263HIGHCVSS 8.3EG 8.32021-11-15
rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails applications using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application ma…
- CVE-2021-41278MEDIUMCVSS 5.7EG 5.72021-11-19
Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk “AE…
- CVE-2021-41835HIGHCVSS 7.3EG 7.32022-01-21
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an…
- CVE-2021-42216CRITICALCVSS 9.8EG 9.82021-12-15
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
- CVE-2021-42583HIGHCVSS 7.5EG 7.52021-12-28
A Broken or Risky Cryptographic Algorithm exists in Max Mazurov Maddy before 0.5.2, which is an unnecessary risk that may result in the exposure of sensitive information.
- CVE-2021-43550MEDIUMCVSS 5.9EG 5.92021-12-27
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 an…
- CVE-2021-43774MEDIUMCVSS 4.9EG 4.92022-03-03
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download the address book fi…
- CVE-2021-43808MEDIUMCVSS 5.3EG 5.32021-12-08
Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contain a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user tak…
- CVE-2021-43989HIGHCVSS 7.5EG 7.52021-12-23
mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes.
- CVE-2021-44150HIGHCVSS 7.5EG 3.12021-11-22
The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoofing of file content.
- CVE-2021-45081MEDIUMCVSS 5.9EG 5.92022-02-20
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS.
- CVE-2021-45450HIGHCVSS 7.5EG 7.52021-12-21
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
- CVE-2021-45451HIGHCVSS 7.5EG 7.52021-12-21
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
- CVE-2021-45485HIGHCVSS 7.5EG 7.52021-12-25
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choo…
- CVE-2021-45486LOWCVSS 3.5EG 3.52021-12-25
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
- CVE-2021-45487HIGHCVSS 7.5EG 7.52021-12-25
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
- CVE-2021-45488HIGHCVSS 7.5EG 7.52021-12-25
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
- CVE-2021-45512HIGHCVSS 8.6EG 9.82021-12-26
Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90,…
- CVE-2021-45696CRITICALCVSS 9.8EG 9.82021-12-27
An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may be incorrect when the AVX2-accelerated backend is used.
- CVE-2021-46559HIGHCVSS 7.5EG 7.52022-01-26
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to defeat an inspection mechanism for integrity protection.
- CVE-2021-46900HIGHCVSS 7.5EG 7.52023-12-31
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not ensure that this parameter exists and has an unpredictable value. Specifically, the cookie parameter is both a salt for stored passwords and an …
- CVE-2021-47712HIGHCVSS 7.5EG 7.52025-12-18
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential …
- CVE-2022-0377MEDIUMCVSS 4.3EG 4.32022-02-28
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the ima…
- CVE-2022-1252HIGHCVSS 8.2EG 7.52022-04-11
Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. …
- CVE-2022-1434MEDIUMCVSS 5.9EG 5.92022-05-03
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify d…
- CVE-2022-20117MEDIUMCVSS 5.5EG 5.52022-05-10
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne…
- CVE-2022-20513MEDIUMCVSS 5.5EG 5.52022-12-16
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex…
- CVE-2022-20805MEDIUMCVSS 4.1EG 4.12022-04-21
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerab…
- CVE-2022-2097MEDIUMCVSS 5.3EG 5.32022-07-05
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wa…
- CVE-2022-21800MEDIUMCVSS 6.5EG 6.52022-02-18
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. A…
- CVE-2022-22310MEDIUMCVSS 6.5EG 6.52022-01-19
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applicat…
- CVE-2022-22313MEDIUMCVSS 4.4EG 4.42023-05-06
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370.
- CVE-2022-22327HIGHCVSS 7.5EG 7.52022-04-01
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 218859.
- CVE-2022-22461MEDIUMCVSS 5.9EG 7.52022-12-22
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225007.
- CVE-2022-22462LOWCVSS 3.7EG 7.52023-01-26
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225078.
- CVE-2022-22559HIGHCVSS 7.5EG 7.52022-04-12
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure.
- CVE-2022-22564MEDIUMCVSS 5.9EG 5.92023-02-14
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information…
- CVE-2022-23539MEDIUMCVSS 5.9EG 5.92022-12-23
Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an …
- CVE-2022-24296HIGHCVSS 7.5EG 7.52022-06-08
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Condit…
- CVE-2022-24403MEDIUMCVSS 4.3EG 4.32023-12-05
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an…
- CVE-2022-25218HIGHCVSS 8.1EG 8.12022-03-10
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary …
Map vulnerabilities like CWE-327 to your infrastructure
EchelonGraph correlates every CVE — across CWE-327 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →