CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
        • Biometrics-and-auth
        • Commoncrypto
          • Hardcoded-iv
          • Hardcoded-pbkdf2-passphrase
          • Hardcoded-realm
          • Hardcoded-salt
          • Hardcoded-symmetric-key
          • Insecure-crypto-aes-keysize
          • Insecure-crypto-algorithm-blowfish
          • Insecure-crypto-algorithm-des
          • Insecure-crypto-algorithm-rc4
          • Insecure-crypto-cbc-mode
          • Insecure-crypto-ecb-mode
            • Insecure crypto ecb mode
          • Insecure-crypto-keystorage
          • Insecure-crypto-rsa-keysize
          • Insecure-hashing-algorithm-md2
          • Insecure-hashing-algorithm-md4
          • Insecure-hashing-algorithm-md5
          • Insecure-hashing-algorithm-sha1
          • Insufficient-pbkdf2-work-factor-sha1
          • Insufficient-pbkdf2-work-factor-sha256
          • Insufficient-pbkdf2-work-factor-sha512
          • Realmstate-encryption-missing
        • Cryptoswift
        • Insecure-communication
        • Lang
        • Pathtraversal
        • Sql
        • Sqllite
        • Webview
        • Webview
      • Terraform
      • Typescript
      • Yaml
    Insecure-crypto-ecb-mode

    Insecure crypto ecb mode

    Symmetric cryptographic operations were identified that use Electronic Code Book (ECB) mode. ECB mode is considered insecure as identical plaintext blocks encrypt to identical ciphertexts revealing patterns in the data. Use stronger, better alternatives such as AES-GCM or ChaChaPoly.
    Likelihood: HIGH
    Confidence: HIGH
    CWE:
    - CWE-327: Use of a Broken or Risky Cryptographic Algorithm
    OWASP:
    - A03:2017 - Sensitive Data Exposure
    - A02:2021 - Cryptographic Failures

    Insecure crypto cbc modeInsecure crypto keystorage
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.