SYM_PY_0252 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of a Broken or Risky Cryptographic Algorithm
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The code is using the RC2 cipher algorithm, which is outdated and no longer considered secure. RC2 can be easily broken, putting any encrypted data at risk of exposure.
Impact
If exploited, attackers could decrypt sensitive information protected with RC2, leading to data breaches, exposure of confidential data, and potential regulatory or reputational damage for the organization.