CWE-326

Inadequate Encryption Strength

AI Translation Available

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

Status

draft

Abstraction

class

Affected Platforms

Extended Description

AI Translation

A weak encryption scheme can be subjected to brute force attacks that have a reasonable chance of succeeding using current attack methods and resources.

Technical Details

AI Translation

Common Consequences

access control confidentiality

Impacts

bypass protection mechanism read application data

Detection Methods

automated static analysis

Potential Mitigations

Phases:

architecture and design

Descriptions:

• Use an encryption scheme that is currently considered to be strong by experts in the field.

AI Generated Translation

Common Consequences

controllo degli accessi riservatezza

Impacts

elusione del meccanismo di protezione leggere dati applicazione

Detection Methods

analisi statica automatizzata

Potential Mitigations

Phases:

architettura e design

Descriptions:

• Utilizza uno schema di crittografia attualmente considerato sicuro dagli esperti del settore.

CWE-326

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Iscriviti alla newsletter