34814f787b
These links are no longer relevant since SANS now just link to CWE, and we already have links to CWEs.
33 lines
1.1 KiB
Plaintext
33 lines
1.1 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
include::../noncompliant.adoc[]
|
|
|
|
include::../compliant.adoc[]
|
|
|
|
== Resources
|
|
|
|
* https://owasp.org/Top10/A02_2021-Cryptographic_Failures/[OWASP Top 10 2021 Category A2] - Cryptographic Failures
|
|
* https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration[OWASP Top 10 2017 Category A6] - Security Misconfiguration
|
|
* https://cwe.mitre.org/data/definitions/326[MITRE, CWE-326] - Inadequate Encryption Strength
|
|
* https://cwe.mitre.org/data/definitions/327[MITRE, CWE-327] - Use of a Broken or Risky Cryptographic Algorithm
|
|
* https://wiki.sei.cmu.edu/confluence/x/hDdGBQ[CERT, MSC61-J.] - Do not use insecure or weak cryptographic algorithms
|
|
* Derived from FindSecBugs rule https://h3xstream.github.io/find-sec-bugs/bugs.htm#DES_USAGE[DES / DESede Unsafe]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|