CWE-1402: Comprehensive Categorization: Encryption
ID
CWE-1402
Status
Incomplete
Weaknesses in this category are related to encryption.
Relationships
| View | Weakness | ||||||
|---|---|---|---|---|---|---|---|
| # ID | Name | # ID | Name | Abstraction | Structure | Status | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-5 | J2EE Misconfiguration: Data Transmission Without Encryption | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-311 | Missing Encryption of Sensitive Data | Class | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-312 | Cleartext Storage of Sensitive Information | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-313 | Cleartext Storage in a File or on Disk | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-314 | Cleartext Storage in the Registry | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-315 | Cleartext Storage of Sensitive Information in a Cookie | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-316 | Cleartext Storage of Sensitive Information in Memory | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-317 | Cleartext Storage of Sensitive Information in GUI | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-318 | Cleartext Storage of Sensitive Information in Executable | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-319 | Cleartext Transmission of Sensitive Information | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-324 | Use of a Key Past its Expiration Date | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-325 | Missing Cryptographic Step | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-326 | Inadequate Encryption Strength | Class | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm | Class | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-328 | Use of Weak Hash | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-347 | Improper Verification of Cryptographic Signature | Base | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Variant | Simple | Draft | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-759 | Use of a One-Way Hash without a Salt | Variant | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-760 | Use of a One-Way Hash with a Predictable Salt | Variant | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-780 | Use of RSA Algorithm without OAEP | Variant | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-916 | Use of Password Hash With Insufficient Computational Effort | Base | Simple | Incomplete | |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends | CWE-1240 | Use of a Cryptographic Primitive with a Risky Implementation | Base | Simple | Draft | |
Loading...