Use of a Broken or Risky Cryptographic Algorithm
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The code is using the RC2 cipher algorithm, which is outdated and no longer considered secure. RC2 can be easily broken, putting any encrypted data at risk of exposure.
Impact#
If exploited, attackers could decrypt sensitive information protected with RC2, leading to data breaches, exposure of confidential data, and potential regulatory or reputational damage for the organization.