Use of a Broken or Risky Cryptographic Algorithm
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Low |
| Likelihood Level | High |
Description#
The code configures TLS to use insecure cipher suites that are known to be weak, such as RC4, 3DES, or certain AES CBC modes. These cipher suites are outdated and do not provide strong protection for encrypted network traffic.
Impact#
Using weak cipher suites makes it easier for attackers to decrypt, modify, or intercept sensitive data in transit. This can lead to data breaches, exposure of confidential information, and undermine the security guarantees of TLS connections.