Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm

DATE CVE VULNERABILITY TITLE RISK
2017-06-06 CVE-2017-5243 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Rapid7 Nexpose
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions.
network
high complexity
rapid7 CWE-327
8.5
2017-04-27 CVE-2017-5186 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
network
low complexity
netiq novell CWE-327
7.5
2017-03-01 CVE-2016-6485 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Magento Magento2
The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value.
network
low complexity
magento CWE-327
7.5
2017-02-13 CVE-2016-8370 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mitsubishielectric products
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions.
network
low complexity
mitsubishielectric CWE-327
7.5
2017-01-23 CVE-2016-6602 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zohocorp Webnms Framework 5.2
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml.
network
low complexity
zohocorp CWE-327
critical
9.8
2016-09-18 CVE-2016-0923 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.
network
low complexity
dell CWE-327
7.5
2015-08-20 CVE-2015-0535 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe and Bsafe Ssl-C
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204.
network
low complexity
dell CWE-327
7.5
2015-08-20 CVE-2015-0533 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe and Bsafe Ssl-C
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572.
network
low complexity
dell CWE-327
7.5
2008-08-22 CVE-2008-3775 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Newsoftwares Folder Lock
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl\_pack registry value.
local
low complexity
newsoftwares CWE-327
4.4
2008-07-22 CVE-2008-3188 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Opensuse 11.0
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5 algorithm, which makes it easier for attackers to conduct brute-force attacks against hashed passwords.
network
low complexity
opensuse CWE-327
7.5