SYM_JSTS_0158 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Cryptographic Issues
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-310: CWE CATEGORY: Cryptographic Issues |
| OWASP | A02:2021 - Cryptographic Failures |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | High |
Description
The 'final' call of a Decipher object checks the authentication tag in a mode for authenticated encryption. Failing to call 'final' will invalidate all integrity guarantees of the released ciphertext.