Use of Weak Hash
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-328: Use of Weak Hash |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The code uses outdated and insecure hash functions like MD2, MD4, MD5, or SHA1 for cryptographic purposes. These algorithms are considered broken and can be exploited by attackers to compromise data integrity or security.
Impact#
Attackers may be able to generate hash collisions or reverse engineer sensitive data, leading to unauthorized access, data tampering, or credential compromise. This can put user information and application security at serious risk.