SYM_PY_0249 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of a Broken or Risky Cryptographic Algorithm
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The code uses the Blowfish cipher algorithm, which is outdated and no longer considered secure for protecting sensitive data. Attackers can potentially break this encryption with modern techniques.
Impact
If an attacker intercepts data encrypted with Blowfish, they may be able to decrypt and access confidential information such as passwords or personal data. This can lead to data breaches, regulatory violations, and loss of user trust.