Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2022-05-19 CVE-2020-16235 Inadequate Encryption Strength vulnerability in Emerson Openenterprise Scada Server 2.8.3/3.1/3.3.3
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to access field devices and external systems to be obtained.
local
low complexity
emerson CWE-326
2.1
2022-05-12 CVE-2022-26020 Inadequate Encryption Strength vulnerability in Inhandnetworks Ir302 Firmware 3.5.37
An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4.
network
low complexity
inhandnetworks CWE-326
4.0
2022-05-06 CVE-2021-27761 Inadequate Encryption Strength vulnerability in Hcltech Bigfix Platform
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
network
low complexity
hcltech CWE-326
5.0
2022-05-06 CVE-2022-28164 Inadequate Encryption Strength vulnerability in Broadcom Sannav 2.1.0/2.1.1
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords.
network
low complexity
broadcom CWE-326
4.0
2022-05-04 CVE-2021-32010 Inadequate Encryption Strength vulnerability in Secomea products
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks.
network
secomea CWE-326
6.8
2022-05-03 CVE-2022-22368 Inadequate Encryption Strength vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
5.0
2022-04-20 CVE-2022-1318 Inadequate Encryption Strength vulnerability in Carrier Hills Comnav Firmware 300219
Hills ComNav version 3002-19 suffers from a weak communication channel.
local
low complexity
carrier CWE-326
2.1
2022-04-15 CVE-2022-20677 Inadequate Encryption Strength vulnerability in Cisco IOS 17.6.1
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
local
low complexity
cisco CWE-326
7.2
2022-04-11 CVE-2022-0828 Inadequate Encryption Strength vulnerability in Wpdownloadmanager Wordpress Download Manager
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download.
network
low complexity
wpdownloadmanager CWE-326
5.0
2022-04-06 CVE-2021-45104 Inadequate Encryption Strength vulnerability in Wisc Htcondor
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1.
network
wisc CWE-326
5.8