insecure-crypto-algorithm-des
insecure-crypto-algorithm-des
The use of the insecure DES/3DES encryption algorithm(s) were detected. DES is deprecated and considered insecure. The application should leverage more suitable algorithms such as AES in GCM mode, or ChaChaPoly.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures