CWE-780

Use of RSA Algorithm without OAEP

Variant

Incomplete

Description

The product uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.

Padding schemes are often used with cryptographic algorithms to make the plaintext less predictable and complicate attack efforts. The OAEP scheme is often used with RSA to nullify the impact of predictable common text.

Parent Weaknesses (ChildOf)

CWE-327: Use of a Broken or Risky Crypt...

Common Consequences

Scope

Access Control

Impact

Bypass Protection Mechanism

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-780

Use of RSA Algorithm without OAEP

Description

Relationships

Common Consequences

Applicable Platforms