This category identifies Software Fault Patterns (SFPs) within the Weak Cryptography cluster.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 888 | Software Fault Pattern (SFP) Clusters |
| HasMember | Allowed | B | 261 | Weak Encoding for Password |
| HasMember | Allowed | B | 323 | Reusing a Nonce, Key Pair in Encryption |
| HasMember | Allowed | B | 322 | Key Exchange without Entity Authentication |
| HasMember | Allowed | B | 324 | Use of a Key Past its Expiration Date |
| HasMember | Allowed-with-Review | C | 326 | Inadequate Encryption Strength |
| HasMember | Allowed | V | 329 | Generation of Predictable IV with CBC Mode |
| HasMember | Allowed | B | 347 | Improper Verification of Cryptographic Signature |
| HasMember | Allowed-with-Review | B | 640 | Weak Password Recovery Mechanism for Forgotten Password |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|