CWE-1346: OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures
ID
CWE-1346
Status
Incomplete
Weaknesses in this category are related to the A02 category "Cryptographic Failures" in the OWASP Top Ten 2021.
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-261 | Weak Encoding for Password | Base | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-296 | Improper Following of a Certificate's Chain of Trust | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-310 | Cryptographic Issues | Draft | |||
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-319 | Cleartext Transmission of Sensitive Information | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-321 | Use of Hard-coded Cryptographic Key | Variant | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-322 | Key Exchange without Entity Authentication | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-323 | Reusing a Nonce, Key Pair in Encryption | Base | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-324 | Use of a Key Past its Expiration Date | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-325 | Missing Cryptographic Step | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-326 | Inadequate Encryption Strength | Class | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm | Class | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-328 | Use of Weak Hash | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-329 | Generation of Predictable IV with CBC Mode | Variant | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-330 | Use of Insufficiently Random Values | Class | Simple | Stable | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-331 | Insufficient Entropy | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-336 | Same Seed in Pseudo-Random Number Generator (PRNG) | Variant | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) | Variant | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-340 | Generation of Predictable Numbers or Identifiers | Class | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-347 | Improper Verification of Cryptographic Signature | Base | Simple | Draft | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-523 | Unprotected Transport of Credentials | Base | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-720 | OWASP Top Ten 2007 Category A9 - Insecure Communications | Obsolete | |||
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-757 | Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') | Base | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-759 | Use of a One-Way Hash without a Salt | Variant | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-760 | Use of a One-Way Hash with a Predictable Salt | Variant | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-780 | Use of RSA Algorithm without OAEP | Variant | Simple | Incomplete | |
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-818 | OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection | Obsolete | |||
CWE-1344 | Weaknesses in OWASP Top Ten (2021) | CWE-916 | Use of Password Hash With Insufficient Computational Effort | Base | Simple | Incomplete |
Loading...