Read Time:21 Second
Description
The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism
Confidentiality, Integrity: Read Application Data, Modify Application Data
Accountability, Non-Repudiation: Hide Activities
Potential Mitigations
CVE References
- CVE-2001-1585
- Missing challenge-response step allows authentication bypass using public key.