insecure-hash-algorithm-md2
Detected MD2 hash algorithm which is considered insecure. MD2 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-hash-algorithm-md5
Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
crypto-mode-without-authentication
An encryption mode of operation is being used without proper message authentication. This can potentially result in the encrypted content to be decrypted by an attacker. Consider instead use an AEAD mode of operation like GCM.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-cipher-algorithm-rc2
Detected RC2 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-cipher-algorithm-des
Detected DES cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-cipher-algorithm-xor
Detected XOR cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-hash-algorithm-md4
Detected MD4 hash algorithm which is considered insecure. MD4 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insufficient-dsa-key-size
Detected an insufficient key size for DSA. NIST recommends a key size of 2048 or higher.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-326: Inadequate Encryption Strength
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-cipher-algorithm-blowfish
Detected Blowfish cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-hash-algorithm-sha1
Detected SHA1 hash algorithm which is considered insecure. SHA1 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insecure-cipher-algorithm-rc4
Detected ARC4 cipher algorithm which is considered insecure. This algorithm is not cryptographically secure and can be reversed easily. Use AES instead.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
insufficient-rsa-key-size
Detected an insufficient key size for RSA. NIST recommends a key size of 2048 or higher.
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-326: Inadequate Encryption Strength
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures