Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2020-08-21 CVE-2020-10125 Inadequate Encryption Strength vulnerability in NCR Aptra XFS 04.02.01/05.01.00
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files and CAB archives used to update BNA software, as well as bypass application whitelisting, resulting in the ability to execute arbitrary code.
low complexity
ncr CWE-326
7.6
2020-07-29 CVE-2020-5763 Inadequate Encryption Strength vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service.
network
low complexity
grandstream CWE-326
8.8
2020-07-23 CVE-2020-10919 Inadequate Encryption Strength vulnerability in Automationdirect C-More HMI EA9 Firmware 6.52
This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels.
network
high complexity
automationdirect CWE-326
5.9
2020-07-08 CVE-2020-1982 Inadequate Encryption Strength vulnerability in Paloaltonetworks Pan-Os
Certain communication between PAN-OS and cloud-delivered services inadvertently uses TLS 1.0, which is known to be a cryptographically weak protocol.
network
high complexity
paloaltonetworks CWE-326
4.8
2020-07-01 CVE-2017-1712 Inadequate Encryption Strength vulnerability in Hcltech Domino 9.0
A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack.
network
high complexity
hcltech CWE-326
5.9
2020-06-24 CVE-2020-10275 Inadequate Encryption Strength vulnerability in multiple products
The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface.
network
low complexity
mobile-industrial-robots easyrobotics uvd-robots CWE-326
critical
9.8
2020-06-15 CVE-2020-0533 Inadequate Encryption Strength vulnerability in Intel Converged Security Management Engine Firmware
Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.
local
low complexity
intel CWE-326
6.7
2020-06-12 CVE-2020-3929 Inadequate Encryption Strength vulnerability in Usavisionsys products
GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS.
network
high complexity
usavisionsys CWE-326
5.9
2020-06-11 CVE-2020-12714 Inadequate Encryption Strength vulnerability in Ciphermail Gateway and Webmail Messenger
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0.
network
high complexity
ciphermail CWE-326
5.9
2020-06-03 CVE-2020-13785 Inadequate Encryption Strength vulnerability in Dlink Dir-865L Firmware 1.20B01
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
network
low complexity
dlink CWE-326
7.5