CWE-329

Total CVEs
6
Vulnerabilities
Avg CVSS v3
5.7
Medium
Avg CVSS v2
3.7
Low
Latest CVE
2022
Most Recent

Severity Distribution

Critical 0
0%
High 1
16.7%
Medium 4
66.7%
Low 1
16.7%

External References

MITRE CWE
Official CWE definition
NIST NVD
Search CVEs by CWE

All CVEs (6)

Page 1 of 1

CVE-2022-46397

HIGH
CVSS:7.5(High)

FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode.

CWE-3292022

CVE-2020-5408

MEDIUM
CVSS:6.5(Medium)

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the ...

CWE-3292020

CVE-2017-3226

MEDIUM
CVSS:6.4(Medium)

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setti...

CWE-3292017

CVE-2021-27499

MEDIUM
CVSS:5.9(Medium)

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communicatio...

CWE-3292021

CVE-2017-3225

MEDIUM
CVSS:4.6(Medium)

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may a...

CWE-3292017

CVE-2022-29054

LOW
CVSS:3.3(Low)

A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x m...

CWE-3292022