CWE-1346: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

ID CWE-1346

Status Incomplete

Weaknesses in this category are related to the A02 category "Cryptographic Failures" in the OWASP Top Ten 2021.

Relationships

View		Weakness
# ID	Name	# ID	Name	Abstraction	Structure	Status
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-261	Weak Encoding for Password	Base	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-296	Improper Following of a Certificate's Chain of Trust	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-310	Cryptographic Issues			Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-319	Cleartext Transmission of Sensitive Information	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-321	Use of Hard-coded Cryptographic Key	Variant	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-322	Key Exchange without Entity Authentication	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-323	Reusing a Nonce, Key Pair in Encryption	Base	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-324	Use of a Key Past its Expiration Date	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-325	Missing Cryptographic Step	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-326	Inadequate Encryption Strength	Class	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-327	Use of a Broken or Risky Cryptographic Algorithm	Class	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-328	Use of Weak Hash	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-329	Generation of Predictable IV with CBC Mode	Variant	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-330	Use of Insufficiently Random Values	Class	Simple	Stable
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-331	Insufficient Entropy	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-335	Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-336	Same Seed in Pseudo-Random Number Generator (PRNG)	Variant	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-337	Predictable Seed in Pseudo-Random Number Generator (PRNG)	Variant	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-338	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-340	Generation of Predictable Numbers or Identifiers	Class	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-347	Improper Verification of Cryptographic Signature	Base	Simple	Draft
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-523	Unprotected Transport of Credentials	Base	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-720	OWASP Top Ten 2007 Category A9 - Insecure Communications			Obsolete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-757	Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')	Base	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-759	Use of a One-Way Hash without a Salt	Variant	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-760	Use of a One-Way Hash with a Predictable Salt	Variant	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-780	Use of RSA Algorithm without OAEP	Variant	Simple	Incomplete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-818	OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection			Obsolete
CWE-1344	Weaknesses in OWASP Top Ten (2021)	CWE-916	Use of Password Hash With Insufficient Computational Effort	Base	Simple	Incomplete