Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2019-4160 | Inadequate Encryption Strength vulnerability in IBM Security Guardium Data Encrpytion 3.0.0.2 IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-01-13 | CVE-2021-3131 | Inadequate Encryption Strength vulnerability in 1C 1C:Enterprise The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. | 7.5 |
2021-01-01 | CVE-2017-20001 | Inadequate Encryption Strength vulnerability in AES Encryption Project AES Encryption The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. | 7.5 |
2020-11-12 | CVE-2020-17494 | Inadequate Encryption Strength vulnerability in Untangle Firewall NG Untangle Firewall NG before 16.0 uses MD5 for passwords. | 5.3 |
2020-11-12 | CVE-2020-8761 | Inadequate Encryption Strength vulnerability in Intel Converged Security and Manageability Engine Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. | 4.6 |
2020-11-12 | CVE-2020-9128 | Inadequate Encryption Strength vulnerability in Huawei Fusioncompute 8.0.0 FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. | 4.4 |
2020-10-29 | CVE-2020-5938 | Inadequate Encryption Strength vulnerability in F5 products On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow. | 6.5 |
2020-10-21 | CVE-2020-3549 | Inadequate Encryption Strength vulnerability in Cisco Firepower Threat Defense A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. | 8.1 |
2020-10-02 | CVE-2020-7069 | Inadequate Encryption Strength vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. | 6.5 |
2020-08-26 | CVE-2020-5917 | Inadequate Encryption Strength vulnerability in F5 products In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2 and BIG-IQ versions 5.2.0-7.0.0, the host OpenSSH servers utilize keys of less than 2048 bits which are no longer considered secure. | 5.9 |