Property
Language: python
Severity: medium
CWE: CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP: A03:2017 - Sensitive Data Exposure
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Low

Description

The code uses the SHA1 hashing algorithm, which is no longer considered secure due to its vulnerability to collisions. Instead, use a stronger hash like SHA256 or SHA3 for cryptographic operations.

Impact

If SHA1 is used, attackers could exploit its weaknesses to create different inputs that produce the same hash, potentially forging digital signatures or compromising data integrity. This can lead to unauthorized data modification, fraud, or bypassing authentication mechanisms.
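As an added illustration (not this rule's actual implementation), the sketch below uses Python's `ast` module to flag direct `hashlib.sha1(...)` and `hashlib.new("sha1", ...)` calls. The function name `find_sha1_calls` and the sample source are constructed for this example; aliased imports such as `from hashlib import sha1` and keyword-only `name=` arguments are assumed out of scope.

```python
import ast

WEAK = {"sha1"}  # algorithm names this sketch treats as weak

# Constructed sample input: two weak forms, then the SHA-256 replacement.
SAMPLE = '''
import hashlib
def fingerprint_weak(data):
    return hashlib.sha1(data).hexdigest()
def fingerprint_weak_new(data):
    return hashlib.new("SHA1", data).hexdigest()
def fingerprint(data):
    return hashlib.sha256(data).hexdigest()
'''


def find_sha1_calls(source):
    """Return sorted (line, snippet) pairs for hashlib SHA1 constructions."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        # Only direct attribute calls on the name `hashlib` are considered.
        if not (isinstance(func, ast.Attribute)
                and isinstance(func.value, ast.Name)
                and func.value.id == "hashlib"):
            continue
        snippet = ast.get_source_segment(source, node)
        if func.attr in WEAK:
            # hashlib.sha1(...)
            findings.append((node.lineno, snippet))
        elif func.attr == "new" and node.args:
            # hashlib.new("sha1", ...): check a literal first argument.
            first = node.args[0]
            if (isinstance(first, ast.Constant)
                    and isinstance(first.value, str)
                    and first.value.lower().replace("-", "") in WEAK):
                findings.append((node.lineno, snippet))
    return sorted(findings)


if __name__ == "__main__":
    for line, snippet in find_sha1_calls(SAMPLE):
        print(f"line {line}: {snippet} -> use hashlib.sha256 or hashlib.sha3_256")
```
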