Insecure encryption algorithm
Description
The application uses insecure encryption algorithms.
Impact
- Reverse the ciphertext and collect sensitive information.
- Tamper with protected data by exploiting algorithm collisions.
Recommendation
Use algorithms considered cryptographically secure.
Threat
Anonymous attacker from adjacent network.
Expected Remediation Time
⏱️ 30 minutes.
Requirements
127 - Store hashed passwords
148 - Set minimum size of asymmetric encryption
149 - Set minimum size of symmetric encryption
150 - Set minimum size for hash functions
181 - Transmit data using secure protocols
336 - Disable insecure TLS versions
Rules
- Ssl Tls Server Accepts Null Cipher Suite
- Ssl Tls Server Accepts Short Rsa Key
- Ssl Tls Server Accepts Weak Cipher Methods
- Go Insufficient Kdf Output Length
- Java Unsafe Jwt Decode
- Javascript Weak Rsa Modulus 1024
- Kotlin Crypto Weak Key Size
- Typescript Insecure Ecdh Curve
- Go Insecure Hash Use
- Kotlin Hardcoded Signing Secret
- C Sharp Hardcoded Insecure Keys
- Scala Insecure Ec Key
- Scala Insecure Hash Algorithm
- Scala Insecure Cipher Mode
- Swift Weak Hash Algorithm
- C Sharp Weak Crypto Algorithm
- Javascript Weak Cipher Des Ecb
- Kotlin Hardcoded Encryption Key
- Go Weak Rsa Key Size
- Kotlin Static Iv Used
- Java Insecure Cipher Ssl
- Go Hardcoded Symmetric Key
- C Sharp Obsolete Key Derivation
- Php Weak Cipher Mcrypt
- Kotlin Insecure Cipher Mode
- Javascript Insecure Hash Sha1
- Typescript Insecure Deprecated Encryption
- Dart Pointycastle Pbkdf2 Weak Iterations
- Scala Insecure Pass Generation
- Kotlin Insecure Key Generation
- Javascript Insecure Encryption Mode
- Typescript Allow Invalid Key Types
- Kotlin Weak Key Size
- Python Hardcoded Jwt Secret
- Java Weak Rsa Key
- Kotlin Insecure Hostname Verification
- Dart Pointycastle Pbkdf2 Weak Key Length
- Go Insecure Scrypt Parameters
- Python Insecure Hash Sha1 Usage
- Dart Cryptography Argon2 Weak Hash Length
- Java Insecure Signature Algorithm
- Go Pbkdf2 Insufficient Iteration Count
- C Sharp Insecure Cipher Algorithm
- Java Weak Cipher Suite
- Java Jwt Unsigned Token
- Javascript Weak Hash Md4
- Java Insecure Cryptographic Algorithm
- Javascript Insecure Ec Curve Secp192k1
- Go Deprecated Pemblock Encryption Functions
- Kotlin Hardcoded Iv Used
- Dart Cryptography Pbkdf2 Weak Key Length
- Php Insecure Openssl Cipher
- Dart Pointycastle Argon2 Weak Hash Length
- Swift Insecure Cryptor Usager
- C Sharp Rsa Secure Mode
- Dart Cryptography Argon2 Weak Memory
- Java Weak Crypto Algorithms
- Kotlin Insecure Certificate Validation
- Typescript Insecure Hash Sha1
- Javascript Insecure Deprecated Encryption
- Python Unsafe Cipher Algorithm Or Mode
- Scala Jwt Without Proper Sign
- Kotlin Insecure Cipher Usage
- Properties Missing Ssl Configuration
- C Sharp Disabled Strong Crypto
- Python Insecure Aes Ecb Mode
- Java Insecure Ssl Protocol
- Typescript Insecure Hash Md4
- Javascript Allow Invalid Key Types
- Java Insecure Cipher Mode
- Php Weak Encryption Size
- Go Deprecated Encryption Function Use
- Properties Weak Cipher Suite
- Dart Cryptography Pbkdf2 Weak Iterations
- Swift Insecure Cipher Usage
- Typescript Insecure Cipher Creation
- Typescript Insecure Rsa 1024
- Dart Pointycastle Weak Rsa Key Size
- Go Insecure Cipher Usage
- C Sharp Insecure Hash Usage
- Typescript Weak Ec Curve Secp192k1
- C Sharp Weak Rsa Encrypt Padding
- Java Insecure Cipher Usage
- Kotlin Insecure Key Pair Generation
- Go Insufficient Bcrypt Cost
- Dart Pointycastle Argon2 Weak Memory
- Dart Cryptography Weak Rsa Key Size
- Typescript Insecure Cipher Mode
- Java Allows Tls1 1
- Kotlin Insecure Key Usage
- Kotlin Insecure Cipher Ssl
- Java Insecure Hash Algorithm
- Kotlin Insecure Hash Sha1
- Java Weak Crypto Algorithms Used
- Swift Hardcoded Jwt Secret
- Javascript Insecure Ecdh Curve
- C Sharp Hardcoded Symmetric Key
- Java Insecure Key Rsa