Use of a Broken or Risky Cryptographic Algorithm
| Property | |
|---|---|
| Language | java |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The code uses AES encryption without specifying a mode or padding, which defaults to ECB mode in Java. ECB mode is insecure because it doesn’t properly protect the structure of encrypted data, making sensitive information easier to reveal.
Impact#
Attackers can analyze patterns in the encrypted data, potentially exposing confidential information like passwords or personal data. This can lead to data breaches, privacy violations, and non-compliance with security standards.