Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-17 | CVE-2023-24502 | Inadequate Encryption Strength vulnerability in Electra-Air Central AC Unit Firmware Electra Central AC unit – The unit opens an AP with an easily calculated password. | 6.5 |
| 2023-04-11 | CVE-2023-27389 | Inadequate Encryption Strength vulnerability in Contec products Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file, alter the information, cause a denial-of-service (DoS) condition, and/or execute arbitrary code. | 7.2 |
| 2023-03-22 | CVE-2023-22271 | Inadequate Encryption Strength vulnerability in Adobe Experience Manager Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for Passwords vulnerability that can lead to a security feature bypass. | 5.3 |
| 2023-03-10 | CVE-2023-23911 | Inadequate Encryption Strength vulnerability in Rocket.Chat An improper access control vulnerability exists prior to v6 that could allow an attacker to break the E2E encryption of a chat room by a user changing the group key of a chat room. | 7.5 |
| 2023-03-06 | CVE-2022-45141 | Inadequate Encryption Strength vulnerability in Samba Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption (eg aes256-cts-hmac-sha1-96). | 9.8 |
| 2023-02-11 | CVE-2022-34385 | Inadequate Encryption Strength vulnerability in Dell products SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain cryptographic weakness vulnerability. | 5.5 |
| 2023-02-09 | CVE-2023-21443 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
| 2023-02-09 | CVE-2023-21444 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
| 2023-02-01 | CVE-2022-43922 | Inadequate Encryption Strength vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. | 6.5 |
| 2023-01-05 | CVE-2021-40341 | Inadequate Encryption Strength vulnerability in Hitachienergy Foxman-Un and Unem DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements. | 5.5 |