CWE-327 (使用已被攻破或存在风险的密码学算法) — Vulnerability Class 254

254 vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-43843	IBM Spectrum Scale information disclosure — Spectrum Scale	5.9	Medium	2023-12-14
CVE-2021-27795	License forgery in Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, — Brocade Switches	6.4	Medium	2023-12-06
CVE-2022-24403	De-anonymization attack in TETRA — TETRA Standard	4.3	Medium	2023-12-05
CVE-2023-26024	IBM Planning Analytics on Cloud Pak for Data information disclosure — Planning Analytics on Cloud Pak for Data	6.5	Medium	2023-12-01
CVE-2023-38361	IBM CICS TX Advanced information disclosure — CICS TX Advanced	5.9	Medium	2023-11-18
CVE-2023-47640	Insecure Use of HMAC-SHA1 For Session Signing in datahub — datahub	6.4	Medium	2023-11-14
CVE-2023-30994	IBM QRadar SIEM information disclosure — QRadar SIEM	5.4	Medium	2023-10-14
CVE-2023-39252	Dell EMC SCG Policy Manager 加密问题漏洞 — Secure Connect Gateway (SCG) Policy Manager	5.9	Medium	2023-09-21
CVE-2023-38730	IBM Spectrum Copy Data Management information disclosure — Spectrum Copy Data Management	5.9	Medium	2023-08-27
CVE-2023-40371	IBM AIX information disclosure — AIX	6.2	Medium	2023-08-24
CVE-2023-4326	Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites — LSI Storage Authority (LSA)	9.1	-	2023-08-15
CVE-2023-4331	Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols — LSI Storage Authority (LSA)	9.1	-	2023-08-15
CVE-2023-37484	Information Disclosure Vulnerabilities in SAP PowerDesigner — SAP PowerDesigner	5.3	Medium	2023-08-08
CVE-2021-38933	IBM Sterling Connect:Express for UNIX information disclosure — Sterling Connect:Express for UNIX	5.9	Medium	2023-07-19
CVE-2023-37464	Incorrect Authentication Tag length usage in AES GCM decryption in OpenIDC/cjose — cjose	8.6	High	2023-07-14
CVE-2023-34130	SonicWALL Analytics和GMS 加密问题漏洞 — GMS	7.5	-	2023-07-13
CVE-2023-32043	Windows Remote Desktop Security Feature Bypass Vulnerability — Windows 10 Version 1809	6.8	Medium	2023-07-11
CVE-2023-36749	Siemens RUGGEDCOM ROX 加密问题漏洞 — RUGGEDCOM ROX MX5000	7.4	High	2023-07-11
CVE-2023-35890	IBM WebSphere Application Server information disclosure — WebSphere Application Server	5.1	Medium	2023-07-07
CVE-2023-36608	Ovarro TBox RTUs 加密问题漏洞 — TBox MS-CPU32	6.5	Medium	2023-07-03
CVE-2023-26276	IBM QRadar information disclosure — Security QRadar SIEM	5.9	Medium	2023-06-27
CVE-2022-43949	Fortinet FortiSIEM 加密问题漏洞 — FortiSIEM	5.9	Medium	2023-06-13
CVE-2023-28043	Dell EMC SCG Policy Manager 加密问题漏洞 — Secure Connect Gateway	6.5	Medium	2023-06-01
CVE-2023-28076	Dell CloudLink 加密问题漏洞 — CloudLink	5.9	Medium	2023-05-16
CVE-2022-22313	IBM QRadar Data Synchronization App information disclosure — QRadar Data Synchronization App	4.4	Medium	2023-05-06
CVE-2022-45858	Fortinet FortiNAC 加密问题漏洞 — FortiNAC	3.8	Medium	2023-05-03
CVE-2023-30441	IBM Java information disclosure — Java	7.5	High	2023-04-29
CVE-2023-27557	IBM Safter Payments information disclosure — Safer Payments	5.9	Medium	2023-04-28
CVE-2023-28244	Windows Kerberos Elevation of Privilege Vulnerability — Windows Server 2019	8.1	High	2023-04-11
CVE-2023-28509	Weak encryption in UniRPC protocol — UniData	7.5	-	2023-03-29

Vulnerabilities classified as CWE-327 (使用已被攻破或存在风险的密码学算法) represent 254 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-327 (使用已被攻破或存在风险的密码学算法) — Vulnerability Class 254