SYM_CS_0003 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of a Broken or Risky Cryptographic Algorithm
| Property | Value |
|---|---|
| Language | csharp |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A02:2021 - Cryptographic Failures |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | High |
Description
The code uses outdated cryptographic algorithms like DES or RC2, which are no longer considered secure. Modern, secure alternatives such as AES or ChaCha20Poly1305 should be used instead.
Impact
Attackers may be able to break encryption that uses DES or RC2, leading to exposure of sensitive data such as passwords, personal information, or confidential business data. This can result in data breaches, compliance violations, and loss of user trust.