Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-07 | CVE-2017-1271 | Inadequate Encryption Strength vulnerability in IBM Security Guardium 9.0/9.1/9.5 IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. | 5.0 |
| 2017-12-07 | CVE-2017-17436 | Inadequate Encryption Strength vulnerability in Vaulteksafe Vt20I Firmware An issue was discovered in the software on Vaultek Gun Safe VT20i products. | 3.3 |
| 2017-11-23 | CVE-2017-13699 | Inadequate Encryption Strength vulnerability in Moxa Eds-G512E Firmware 5.1 An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. | 5.0 |
| 2017-11-22 | CVE-2017-8174 | Inadequate Encryption Strength vulnerability in Huawei products Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. | 5.0 |
| 2017-10-24 | CVE-2017-1375 | Inadequate Encryption Strength vulnerability in IBM Storwize Unified V7000 Software 1.5/1.6 IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2017-10-19 | CVE-2012-6707 | Inadequate Encryption Strength vulnerability in Wordpress WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. | 5.0 |
| 2017-10-01 | CVE-2017-14797 | Inadequate Encryption Strength vulnerability in Philips HUE Bridge Bsb002 Firmware 1707040932 Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network. | 7.9 |
| 2017-09-20 | CVE-2017-9645 | Inadequate Encryption Strength vulnerability in Mirion products An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 and variants (including Solar PWR Package), DRM and RDS Based Boundary Monitors, External Transmitters, Telepole II, and MESH Repeater (Telemetry Enabled Devices). | 3.3 |
| 2017-09-11 | CVE-2017-14262 | Inadequate Encryption Strength vulnerability in Samsung products On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. | 9.3 |
| 2017-09-01 | CVE-2017-12871 | Inadequate Encryption Strength vulnerability in Simplesamlphp The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the encryption protection mechanism by leveraging use of the first 16 bytes of the secret key as the initialization vector (IV). | 4.3 |