Knowledge Base - Issues

Our knowledge-base provides a comprehensive collection of information on vulnerabilities related to cyber security.
ASP.NET ViewState without MAC enabled is a cryptography vulnerability, classified under CWE-352, that occurs in web and API applications. It occurs when the application does not properly validate the ViewState data transmitted between the client and the server, enabling malicious users to tamper with the contents of the ViewState. This...
Base64-encoded data in parameter is a type of cryptography vulnerability that occurs in Web and API applications. According to Common Weakness Enumeration (CWE) directory, it is classified as CWE-344: Improper Insufficient Cryptographic Validation. This vulnerability is caused when an application fails to validate or restrict the unverified Base64- encoded data...
Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE-331) is a vulnerability that occurs when a seed value used to initialize a Pseudo-Random Number Generator (PRNG) is not generated or chosen properly. This can allow a malicious actor to predict the output of the PRNG and exploit the generated numbers...

/ Insufficient Entropy

Insufficient entropy, also known as CWE-330, is an IT vulnerability in the cryptography domain. It is classified as a weakness in the CWE directory and is also discussed in the OWASP Testing Guide. This vulnerability occurs when a system generates cryptographic keys with insufficient entropy. This means that the keys...

/ JWT HMAC Encryption

JWT HMAC Encryption is a type of encryption vulnerability that affects web and Application Programming Interfaces (APIs). According to the Common Weakness Enumeration directory (CWE), JWT HMAC Encryption is a vulnerability that occurs when a software system fails to properly validate digital tokens that are signed with symmetric key cryptographic...
Password Hash with Insufficient Computational Effort (CWE-521) is a Cryptography vulnerability related to the use of weak password hashing algorithms. This type of vulnerability occurs in Mobile Apps, Infrastructure, Web and API. It happens when an application does not use a strong enough hashing algorithm for passwords, which can be...
Predictable Exact Value from Previous Values (CWE-329) is a vulnerability within the cryptography category. It occurs when an attacker can predict the exact value of a certain cryptographic element that is generated using an algorithm that is based on the previous value of the same element. This can be exploited...
Predictable from Observable State is a type of Cryptography vulnerability which is related to CWE-326 (Inadequate Encryption Strength). This vulnerability allows attackers to easily guess the encryption key and decipher the encrypted data, due to the use of weak encryption or weak entropy. It is also known as a “weak...
Predictable Value Range from Previous Values (CWE-328) is a vulnerability in cryptography found in web and API applications. It occurs when a user of an application can guess the range of the random numbers that are generated because the range is too small or predictable. This can lead to an...
Small Space of Random Values (SSRV) is a cryptographic vulnerability which occurs in web and API applications. It is defined in the Common Weakness Enumeration (CWE) directory as CWE-331. SSRV is a problem that occurs when a cryptographic system or protocol uses a small space of random values (SSRV) to...
SSH Server CBC Mode Ciphers Enabled is a vulnerability that affects security in the domain of Cryptography. It is classified as CWE-327, which is defined as the use of cryptographic algorithms that rely on the Cipher Block Chaining (CBC) Mode encryption. This vulnerability can be discovered through various means, such...
SSH Weak MAC Algorithms Enabled (CWE-327) is a vulnerability in the cryptographic protocols used to protect data sent over unsecured networks. This vulnerability occurs when an SSH server or client is configured to allow weak MAC algorithms, such as MD5 or HMAC-MD5, to be used during authentication. This can allow...
SSL Anonymous Cipher Suites Supported vulnerability (CWE-310) is when secure sockets layer (SSL) uses cipher suites that do not authenticate the parties involved in a secure communication. According to the OWASP Testing Guide, this vulnerability allows attackers to perform man-in-the-middle attacks, allowing them to gain access to sensitive information or...
SSL Certificate Chain Contains RSA Keys Less Than 2048 bits is a type of cryptographic vulnerability (CWE-310) which occurs when an SSL certificate chain contains RSA keys that are less than 2048 bits in length. This type of vulnerability is particularly common in infrastructure environments and can lead to serious...
SSL Certificate Signed Using Weak Hashing Algorithm is a vulnerability associated with the cryptographic algorithm used to sign the SSL certificate. This vulnerability is categorized as CWE-327, which is defined as “the use of a weak cryptographic algorithm or its parameters for protecting sensitive data” (CWE, 2020). This specific vulnerability...
SSL Medium Strength Cipher Suites Supported (SWEET32) is a vulnerability in Cryptography that occurs in Infrastructure. The Common Weakness Enumeration (CWE) directory identifies this vulnerability as CWE-327, which suggests that the cryptographic algorithm used is too weak to protect the data it is intended to secure. According to the OWASP...
SSL RC4 Cipher Suites Supported (Bar Mitzvah) is a vulnerability in the encryption of web traffic. It is related to the RC4 stream cipher, which is used in some versions of the SSL/TLS protocol. This vulnerability can allow an attacker to decrypt web traffic and gain access to sensitive information....
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) is a vulnerability in cryptography that affects infrastructure. It is categorized as CWE-327: Use of a Broken or Risky Cryptographic Algorithm and is identified as an A8 Insecure Cryptographic Storage in the OWASP Testing Guide. This vulnerability occurs when an organization uses a...
Supported weak SSH algorithms is a vulnerability in cryptography related to the transmission of data between two systems (CWE-327). This vulnerability allows the use of weak encryption algorithms and the use of weak encryption keys. As a result, the data transmitted between the two systems could be intercepted, modified, or...
Use of Predictable Algorithm in Random Number Generator (CWE-338) is a vulnerability in cryptography that occurs when a predictable algorithm is used to generate random numbers. This can lead to the predictability of the random numbers, allowing an attacker to access sensitive information or bypass authentication measures. According to the...

/ Weak Cipher Suites

Weak Cipher Suites, classified as CWE-327 and CWE-310, is a cryptography vulnerability that occurs in web and API systems. It is a type of weakness where a system does not correctly implement cryptographic protocols and algorithms, which can lead to the encryption key being weakened and the system's data being...

/ Weak Cryptography

Weak Cryptography (CWE-327) is a vulnerability related to cryptography which occurs when an application or system uses cryptographic algorithms that are insecure or have known weaknesses. The main risk of this vulnerability is that attackers can easily break the weak cryptography, allowing them to decipher the encrypted data. As defined...

/ Weak PSK

Weak PSK (CWE-327) is a cryptography-based IT vulnerability that occurs in infrastructure, such as wireless routers and access points. This type of vulnerability occurs when the pre-shared key (PSK) that is used to authenticate a user is weak or too short. This makes it easier for an attacker to guess...
Weak Transport Layer Security (TLS) is a type of cryptography vulnerability in which the secure communication between a web application or API and a client is weak or incomplete. This vulnerability is categorized as CWE-311 in the Common Weakness Enumeration (CWE) directory and is described as "Inadequate Encryption Strength" in...
Showing entries 1 to 24 of 24 entries.