Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-18 | CVE-2022-45453 | Inadequate Encryption Strength vulnerability in Acronis Cyber Protect 15 TLS/SSL weak cipher suites enabled. | 7.5 |
2023-05-17 | CVE-2023-1764 | Inadequate Encryption Strength vulnerability in Canon IJ Network Tool Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software. | 6.5 |
2023-05-11 | CVE-2023-2443 | Inadequate Encryption Strength vulnerability in Rockwellautomation Thinmanager Rockwell Automation ThinManager product allows the use of medium strength ciphers. | 7.5 |
2023-05-10 | CVE-2023-30351 | Inadequate Encryption Strength vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. | 7.5 |
2023-05-01 | CVE-2023-2197 | Inadequate Encryption Strength vulnerability in Hashicorp Vault 1.13.0 HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in order to derive Vault’s root key. | 2.5 |
2023-04-19 | CVE-2023-28124 | Inadequate Encryption Strength vulnerability in UI Desktop 0.55.1.2/0.55.3.17/0.59.1.71 Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later. | 5.5 |
2023-04-17 | CVE-2023-24502 | Inadequate Encryption Strength vulnerability in Electra-Air Central AC Unit Firmware Electra Central AC unit – The unit opens an AP with an easily calculated password. | 6.5 |
2023-04-11 | CVE-2023-27389 | Inadequate Encryption Strength vulnerability in Contec products Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. | 7.2 |
2023-03-22 | CVE-2023-22271 | Inadequate Encryption Strength vulnerability in Adobe Experience Manager Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. | 5.3 |
2023-03-10 | CVE-2023-23911 | Inadequate Encryption Strength vulnerability in Rocket.Chat An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room. | 7.5 |