| Encryption Brute Forcing |
|
CWE-326
|
Inadequate Encryption Strength
|
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
CWE-693
|
Protection Mechanism Failure
|
|
CWE-1204
|
Generation of Weak Initialization Vector (IV)
|
|
| Creating a Rogue Certification Authority Certificate |
|
CWE-290
|
Authentication Bypass by Spoofing
|
|
CWE-295
|
Improper Certificate Validation
|
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
| Signature Spoof |
|
CWE-20
|
Improper Input Validation
|
|
CWE-290
|
Authentication Bypass by Spoofing
|
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
| Signature Spoofing by Improper Validation |
|
CWE-295
|
Improper Certificate Validation
|
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
CWE-347
|
Improper Verification of Cryptographic Signature
|
|
| Cryptanalysis of Cellular Encryption |
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
| Rooting SIM Cards |
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
| Cryptanalysis |
|
CWE-327
|
Use of a Broken or Risky Cryptographic Algorithm
|
|
CWE-1204
|
Generation of Weak Initialization Vector (IV)
|
|
CWE-1240
|
Use of a Cryptographic Primitive with a Risky Implementation
|
|
CWE-1241
|
Use of Predictable Algorithm in Random Number Generator
|
|
CWE-1279
|
Cryptographic Operations are run Before Supporting Units are Ready
|
|