Insecure-crypto-aes-keysize
Insecure crypto aes keysize
insecure-crypto-aes-keysize
insecure-crypto-aes-keysize
AES symmetric cryptographic operations were identified using a key size of 128bit which is less than the industry standard recommendation of 256bit.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-326: Inadequate Encryption Strength
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures