SYM_PY_0256 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of a Broken or Risky Cryptographic Algorithm
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The code is using DES or Triple DES (3DES) encryption algorithms, which are outdated and no longer secure. These algorithms can be easily broken, putting encrypted data at risk.
Impact
Attackers could decrypt sensitive information, such as passwords or personal data, leading to data breaches or unauthorized access. This could expose users and the organization to privacy violations, financial loss, or regulatory penalties.