Inadequate Encryption Strength
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-326: Inadequate Encryption Strength |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Manually setting SSL/TLS ciphers using set_ciphers() can override Python’s secure defaults and unintentionally enable weak or outdated encryption. This increases the risk of using insecure cryptographic algorithms.
Impact
If weak ciphers are enabled, attackers could exploit vulnerabilities to decrypt or tamper with sensitive data in transit. This can lead to information disclosure, compromised user data, or interception of confidential communications.
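One way to check what a `set_ciphers()` override actually enables, compared with Python's defaults, is to inspect `SSLContext.get_ciphers()`. This is an added example, not part of the original rule page; the marker list, the 128-bit threshold, the helper names and the sample entries are assumptions made for illustration.

```python
import ssl

# Name fragments of suites generally treated as broken or unauthenticated (assumed list).
WEAK_MARKERS = ("NULL", "RC4", "DES", "EXP", "MD5", "ADH", "AECDH")
MIN_STRENGTH_BITS = 128  # assumed policy threshold


def weak_ciphers(cipher_list):
    """Return names of weak suites from a list shaped like SSLContext.get_ciphers()."""
    weak = []
    for c in cipher_list:
        name = c["name"].upper()
        too_short = c.get("strength_bits", 0) < MIN_STRENGTH_BITS
        if too_short or any(m in name for m in WEAK_MARKERS):
            weak.append(c["name"])
    return weak


def audit_context(cipher_string=None):
    """Build a client context, optionally override its ciphers, and list weak suites."""
    ctx = ssl.create_default_context()
    if cipher_string is not None:
        ctx.set_ciphers(cipher_string)  # the call this rule flags
    return weak_ciphers(ctx.get_ciphers())


# Constructed sample entries (not captured from a real context or server).
SAMPLE = [
    {"name": "TLS_AES_256_GCM_SHA384", "strength_bits": 256},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "strength_bits": 128},
    {"name": "DES-CBC3-SHA", "strength_bits": 112},
    {"name": "RC4-MD5", "strength_bits": 128},
    {"name": "NULL-SHA256", "strength_bits": 0},
]

if __name__ == "__main__":
    print("sample:", weak_ciphers(SAMPLE))
    print("defaults:", audit_context())
    try:
        # Permissive string chosen for illustration; the result depends on the OpenSSL build.
        print("override:", audit_context("ALL:eNULL:@SECLEVEL=0"))
    except ssl.SSLError as exc:
        print("override rejected by this OpenSSL build:", exc)
```

Running the same audit in CI against the cipher string an application passes to `set_ciphers()` turns this rule's warning into a concrete list of suites to remove.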