Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-33003 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Deltaww Diaenergie 1.7.5
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords in cleartext due to a weak hashing algorithm.
local
low complexity
deltaww CWE-327
5.5
2021-08-30 CVE-2021-29722 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-08-30 CVE-2021-29723 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-08-23 CVE-2021-29704 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0/38.2
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-08-12 CVE-2020-36363 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon Cloudfront 1.22019
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.
network
low complexity
amazon CWE-327
critical
9.8
2021-08-11 CVE-2019-25052 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Linaro Op-Tee
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.
network
low complexity
linaro CWE-327
critical
9.1
2021-08-06 CVE-2021-37546 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.
network
low complexity
jetbrains CWE-327
5.3
2021-07-30 CVE-2021-37587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in JHU Charm 0.43
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.
network
low complexity
jhu CWE-327
6.5
2021-07-30 CVE-2021-37588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in JHU Charm 0.43
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.
network
high complexity
jhu CWE-327
5.9
2021-07-26 CVE-2021-20337 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5