Inadequate Storage Encryption Key Strength
Variants:
Direct
Also Known As:
Weak Encryption, Insecure Encryption Key Length, Insecure Encryption Attributes
Vector Type:
Vulnerability
Relevance:
Generic
Layer:
Application-Level, Web-Infrastructure-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Content Encryption
Invented In:
01/01/1999
Added In:
21/12/2014
Vector Operation Method:
Inadequate storage encryption key strength could be abused by attackers in post exploitation scenarios for successfully performing cryptanalysis attacks on the encrypted data, even without obtaining the encryption key.
