General Information

Inadequate Storage Encryption Key Strength

Variants:
Direct 

Also Known As:
Weak Encryption, Insecure Encryption Key Length, Insecure Encryption Attributes

Vector Type:
Vulnerability

Relevance:
Generic

Layer:
Application-Level, Web-Infrastructure-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Content Encryption

Invented In:
01/01/1999

Added In:
21/12/2014


Vector Operation Method:
Inadequate storage encryption key strength could be abused by attackers in post exploitation scenarios for successfully performing cryptanalysis attacks on the encrypted data, even without obtaining the encryption key.


Direct Variant:

Inadequate Storage Encryption Key Strength

Also Known As:
Weak Encryption, Insecure Encryption Key Length, Insecure Encryption Attributes

Typical Severity:
Minor

Learn More: