Use of a Broken or Risky Cryptographic Algorithm
| Property | |
|---|---|
| Language | |
| Severity | |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The code uses an encryption mode like CBC, CTR, CFB, or OFB without adding message authentication. This means encrypted data can be tampered with or altered by attackers without detection.
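The following is an added example, not code from this rule or its vendor, showing the difference the missing authentication makes: a one-bit change to an unauthenticated ciphertext decrypts silently to altered data, while the encrypt-then-MAC form rejects it. It assumes separate encryption and MAC keys, and uses an HMAC-SHA256 keystream in counter mode as a standard-library stand-in for AES-CTR; all function names and the message layout are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32  # HMAC-SHA256 output size

def keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode stream cipher (stand-in for AES-CTR, stdlib only)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(enc_key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_unauthenticated(enc_key: bytes, plaintext: bytes) -> bytes:
    """The flagged pattern: nonce || ciphertext, no integrity protection."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + keystream_xor(enc_key, nonce, plaintext)

def decrypt_unauthenticated(enc_key: bytes, message: bytes) -> bytes:
    """Decrypts whatever it is given; modified input is not noticed."""
    nonce, ciphertext = message[:NONCE_LEN], message[NONCE_LEN:]
    return keystream_xor(enc_key, nonce, ciphertext)

def encrypt_then_mac(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Hardened form: nonce || ciphertext || HMAC(nonce || ciphertext)."""
    body = encrypt_unauthenticated(enc_key, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def decrypt_verified(enc_key: bytes, mac_key: bytes, message: bytes) -> bytes:
    """Check the tag in constant time before any decryption happens."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return decrypt_unauthenticated(enc_key, body)

def flip_bit(message: bytes, index: int) -> bytes:
    """Simulate modification in transit or at rest: flip one bit."""
    tampered = bytearray(message)
    tampered[index] ^= 0x01
    return bytes(tampered)
```

In production code an AEAD mode such as AES-GCM provides the same guarantee in a single primitive.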
Impact
If exploited, attackers could modify or corrupt encrypted data, potentially leading to unauthorized access, data exposure, or application errors. This can compromise sensitive information and undermine the security of the entire system.