Insecure encryption algorithm - TripleDES
Description
The server where the application is stored supports insecurely configured ciphers, in addition to the ECB mode considered insecure: - Data Encryption Standard (DES).
Impact
Reverse a summary function to find sensitive information.
Recommendation
Use a secure encryption algorithm.
Threat
Unauthorized attacker from internal network executing a MitM.
Expected Remediation Time
⏱️ 30 minutes.