Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2020-09-22 CVE-2020-4614 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-09-22 CVE-2020-4613 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-09-16 CVE-2020-14517 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Wibu Codemeter 6.50A/6.81
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API.
network
low complexity
wibu CWE-327
critical
9.8
2020-09-08 CVE-2019-14089 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Qualcomm products
u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
local
low complexity
qualcomm CWE-327
7.8
2020-08-27 CVE-2020-4174 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium Insights 2.0.1
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-08-27 CVE-2020-4169 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium Insights 2.0.1
IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2020-08-11 CVE-2020-8912 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS S3 Crypto SDK 1/2
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2.
local
high complexity
amazon CWE-327
2.5
2020-08-11 CVE-2020-8911 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS S3 Crypto SDK 1/2
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2.
local
high complexity
amazon CWE-327
5.6
2020-08-10 CVE-2020-9528 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hichip Shenzhen Hichip Vision Technology Firmware 11.4.8.1.120170926
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
network
low complexity
hichip CWE-327
7.5
2020-07-31 CVE-2020-15128 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Octobercms October
In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to.
network
high complexity
octobercms CWE-327
6.3