Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-620:Drop Encryption Level
Attack Pattern ID:620
Version:v3.9
Attack Pattern Name:Drop Encryption Level
Abstraction:Standard
Status:Draft
Likelihood of Attack:
Typical Severity:High
DetailsContent HistoryRelated WeaknessesReports
1Weaknesses found
CWE-757
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
ShareView Details
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in17CVEs

A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.

Impacts-
Bypass Protection Mechanism
Tags-
Bypass Protection Mechanism (impact)
As Seen In-
Not Available