Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-06 | CVE-2018-5461 | Inadequate Encryption Strength vulnerability in Belden products An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. | 5.8 |
2018-03-01 | CVE-2018-6653 | Inadequate Encryption Strength vulnerability in Comforte Swap comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. | 5.0 |
2018-02-27 | CVE-2018-1425 | Inadequate Encryption Strength vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
2018-02-05 | CVE-2018-6635 | Inadequate Encryption Strength vulnerability in Avaya Aura System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896. | 6.0 |
2018-02-03 | CVE-2018-6594 | Inadequate Encryption Strength vulnerability in multiple products lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). | 5.0 |
2018-01-08 | CVE-2018-5298 | Inadequate Encryption Strength vulnerability in PG Oral-B APP 5.0.0 In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences. | 5.0 |
2018-01-04 | CVE-2017-1665 | Inadequate Encryption Strength vulnerability in multiple products IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
2018-01-04 | CVE-2017-1664 | Inadequate Encryption Strength vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
2018-01-03 | CVE-2017-1000486 | Inadequate Encryption Strength vulnerability in Primetek Primefaces Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution | 7.5 |
2017-12-16 | CVE-2017-14090 | Inadequate Encryption Strength vulnerability in Trendmicro Scanmail 12.0 A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted. | 6.4 |