2021年12月16日15:53:14评论215 views字数 1955阅读6分31秒阅读模式

CWE-757 在会话协商时选择低安全性的算法（算法降级）

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

结构: Simple

Abstraction: Base

状态: Incomplete

被利用可能性: unkown

基本描述

A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.

扩展描述

When a security mechanism can be forced to downgrade to use a less secure algorithm, this can make it easier for attackers to compromise the software by exploiting weaker algorithm. The victim might not be aware that the less secure algorithm is being used. For example, if an attacker can force a communications channel to use cleartext instead of strongly-encrypted data, then the attacker could read the channel by sniffing, instead of going through extra effort of trying to decrypt the data using brute force techniques.

常见的影响

范围	影响	注释
Access Control	Bypass Protection Mechanism

分析过的案例

标识	说明	链接
CVE-2006-4302	Attacker can select an older version of the software to exploit its vulnerabilities.	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4302
CVE-2006-4407	Improper prioritization of encryption ciphers during negotiation leads to use of a weaker cipher.	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4407
CVE-2005-2969	chain: SSL/TLS implementation disables a verification step (CWE-325) that enables a downgrade attack to a weaker protocol.	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
CVE-2001-1444	Telnet protocol implementation allows downgrade to weaker authentication and encryption using a man-in-the-middle attack.	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1444
CVE-2002-1646	SSH server implementation allows override of configuration setting to use weaker authentication schemes. This may be a composite with CWE-642.	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1646

CWE-757 在会话协商时选择低安全性的算法（算法降级）

CWE-757 在会话协商时选择低安全性的算法（算法降级）

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

基本描述

扩展描述

相关缺陷

常见的影响

分析过的案例

Notes

相关攻击模式

View-999: Weaknesses without Software Fault Patterns

View-884: CWE Cross-section

View-868: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

View-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

View-809: Weaknesses in OWASP Top Ten (2010)

View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-711: Weaknesses in OWASP Top Ten (2004)

View-709: Named Chains

发表评论

在线咨询

微信