Class · Draft
CWE-326: Inadequate Encryption Strength
Category: data-exposure
Description
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
A weak encryption scheme can be subjected to brute force attacks that have a reasonable chance of succeeding using current attack methods and resources.
Common consequences · 1
- Access Control / Confidentiality — Bypass Protection Mechanism, Read Application Data: An attacker may be able to decrypt the data using brute force attacks.
Potential mitigations · 1
- [Architecture and Design] Use an encryption scheme that is currently considered to be strong by experts in the field.
Related CAPEC attack patterns · 3
Exploits (incoming) · 3
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Encryption Brute Forcing (capec-20) | 100% | live |
| AttackPattern | Protocol Analysis (capec-192) | 100% | live |
| AttackPattern | Brute Force (capec-112) | 100% | live |
Compliance frameworks addressing this (incoming) · 7
| Type | Target | Confidence | Tier |
|---|---|---|---|
| ComplianceControl | pci_dss_v4-r3 | 100% | live |
| ComplianceControl | iso27001-a.8.24 | 100% | live |
| ComplianceControl | pci_dss_v4-r4 | 100% | live |
| ComplianceControl | iso27001-a.5.7 | 100% | live |
| ComplianceControl | nis2-art21a | 100% | live |
| ComplianceControl | owasp_top10-a02 | 100% | live |
| ComplianceControl | nis2-art21h | 100% | live |
(incoming) · 13
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-12478 | 0% | live |
| Vulnerability | CVE-2025-36106 | 0% | live |
| Vulnerability | CVE-2025-45765 | 0% | live |
| Vulnerability | CVE-2025-65295 | 0% | live |
| Vulnerability | CVE-2025-7398 | 0% | live |
| Vulnerability | CVE-2026-33488 | 0% | live |
| Vulnerability | CVE-2026-44351 | 0% | live |
| Vulnerability | CVE-2026-44523 | 0% | live |
| Vulnerability | CVE-2026-5363 | 0% | live |
| KEVEntry | Primetek Primefaces Remote Code Execution Vulnerability (kev-cve-2017-1000486) | 0% | live |
| KEVEntry | Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability (kev-cve-2017-11317) | 0% | live |
| KEVEntry | DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability (kev-cve-2018-15811) | 0% | live |
| KEVEntry | DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability (kev-cve-2018-18325) | 0% | live |
Related by meaning · 6
Nearest entities by semantic similarity across the cs-graph corpus.