CWE-325 - Missing Cryptographic Step

CWE-325

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Missing Cryptographic Step

Description: The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Common Consequences: Scope: Access Control
Impact: Bypass Protection Mechanism
Scope: Confidentiality, Integrity
Impact: Read Application Data, Modify Application Data
Scope: Accountability, Non-Repudiation
Impact: Hide Activities

Related Weaknesses

CWE-358Improperly Implemented Security Check for Standard

CWE-573Improper Following of Specification by Caller

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard