Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2018-01-04 CVE-2017-1664 Inadequate Encryption Strength vulnerability in IBM Security KEY Lifecycle Manager
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
ibm CWE-326
5.9
2018-01-03 CVE-2017-1000486 Inadequate Encryption Strength vulnerability in Primetek Primefaces
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
network
low complexity
primetek CWE-326
critical
9.8
2017-12-16 CVE-2017-14090 Inadequate Encryption Strength vulnerability in Trendmicro Scanmail 12.0
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted.
network
low complexity
trendmicro CWE-326
critical
9.1
2017-12-07 CVE-2017-1271 Inadequate Encryption Strength vulnerability in IBM Security Guardium 9.0/9.1/9.5
IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.
network
low complexity
ibm CWE-326
7.5
2017-12-07 CVE-2017-17436 Inadequate Encryption Strength vulnerability in Vaulteksafe Vt20I Firmware
An issue was discovered in the software on Vaultek Gun Safe VT20i products.
low complexity
vaulteksafe CWE-326
8.8
2017-11-23 CVE-2017-13699 Inadequate Encryption Strength vulnerability in Moxa Eds-G512E Firmware 5.1
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices.
network
low complexity
moxa CWE-326
7.5
2017-11-22 CVE-2017-8174 Inadequate Encryption Strength vulnerability in Huawei products
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability.
network
low complexity
huawei CWE-326
7.5
2017-10-24 CVE-2017-1375 Inadequate Encryption Strength vulnerability in IBM Storwize Unified V7000 Software 1.5/1.6
IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
7.5
2017-10-19 CVE-2012-6707 Inadequate Encryption Strength vulnerability in Wordpress
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values.
network
low complexity
wordpress CWE-326
7.5
2017-10-01 CVE-2017-14797 Inadequate Encryption Strength vulnerability in Philips HUE Bridge Bsb002 Firmware 1707040932
Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network.
high complexity
philips CWE-326
7.5