Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Biometrics-and-auth
- Commoncrypto
- Hardcoded-iv
- Hardcoded-pbkdf2-passphrase
- Hardcoded-realm
- Hardcoded-salt
- Hardcoded-symmetric-key
- Insecure-crypto-aes-keysize
- Insecure-crypto-algorithm-blowfish
- Insecure-crypto-algorithm-des
- Insecure-crypto-algorithm-rc4
- Insecure-crypto-cbc-mode
- Insecure-crypto-ecb-mode
- Insecure-crypto-keystorage
- Insecure-crypto-rsa-keysize
- Insecure-hashing-algorithm-md2
- Insecure-hashing-algorithm-md4
- Insecure-hashing-algorithm-md5
- Insecure-hashing-algorithm-sha1
- Insufficient-pbkdf2-work-factor-sha1
- Insufficient-pbkdf2-work-factor-sha256
- Insufficient-pbkdf2-work-factor-sha512
- Realmstate-encryption-missing
- Cryptoswift
- Insecure-communication
- Lang
- Pathtraversal
- Sql
- Sqllite
- Webview
- Webview
- Terraform
- Typescript
- Yaml
Insecure-crypto-ecb-mode
Insecure crypto ecb mode
Symmetric cryptographic operations were identified that use Electronic Code Book (ECB) mode. ECB mode is considered insecure as identical plaintext blocks encrypt to identical ciphertexts revealing patterns in the data. Use stronger, better alternatives such as AES-GCM or ChaChaPoly.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures