Vulnerabilities > Use of a Broken or Risky Cryptographic Algorithm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-24 | CVE-2023-22812 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Westerndigital Sandisk Privateaccess SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of data. | 7.4 |
| 2023-02-22 | CVE-2023-23040 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Tp-Link Tl-Wr940N Firmware 63.19.1 TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication. | 7.5 |
| 2023-02-17 | CVE-2023-23695 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Secure Connect Gateway 5.12.00.10/5.14.00.12 Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. | 5.9 |
| 2023-02-14 | CVE-2022-22564 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell products Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. | 5.9 |
| 2023-02-11 | CVE-2022-34444 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. | 7.5 |
| 2023-01-26 | CVE-2022-43917 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. | 7.5 |
| 2023-01-17 | CVE-2021-36647 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. | 4.7 |
| 2022-12-22 | CVE-2022-22461 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Verify Governance 10.0.1 IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2022-12-20 | CVE-2022-38391 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Control 5.4.0.0 IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2022-12-19 | CVE-2022-4610 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Clickstudios Passwordstate A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. | 5.5 |