Vulnerabilities > Inadequate Encryption Strength
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-06 | CVE-2022-45141 | Inadequate Encryption Strength vulnerability in Samba Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). | 9.8 |
2023-02-11 | CVE-2022-34385 | Inadequate Encryption Strength vulnerability in Dell products SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. | 5.5 |
2023-02-09 | CVE-2023-21443 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
2023-02-09 | CVE-2023-21444 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
2023-02-01 | CVE-2022-43922 | Inadequate Encryption Strength vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. | 6.5 |
2023-01-05 | CVE-2021-40341 | Inadequate Encryption Strength vulnerability in Hitachienergy Foxman-Un and Unem DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. | 5.5 |
2022-12-27 | CVE-2022-2582 | Inadequate Encryption Strength vulnerability in Amazon AWS Software Development KIT The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. | 4.3 |
2022-12-26 | CVE-2022-24116 | Inadequate Encryption Strength vulnerability in GE products Certain General Electric Renewable Energy products have inadequate encryption strength. | 9.8 |
2022-12-23 | CVE-2022-47931 | Inadequate Encryption Strength vulnerability in Iofinnet Tss-Lib IO FinNet tss-lib before 2.0.0 allows a collision of hash values. | 9.1 |
2022-12-19 | CVE-2022-38659 | Inadequate Encryption Strength vulnerability in Hcltech Bigfix Platform In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent. | 7.8 |