CQE - CQE-327: Broken or Risky Cryptographic Algorithm Usage (Draft 0.9)

	Common Quality Enumeration A Community-Developed Dictionary of Quality Issues
Home \| CQE List \| About CQE
Search by ID:

CQE-327: Broken or Risky Cryptographic Algorithm Usage

Broken or Risky Cryptographic Algorithm Usage

[an error occurred while processing this directive] Definition in a New Window

Quality Issue ID: 327

Maturity: Preliminary

Description

Description Summary

This pattern identifies situations where the application uses the cryptographic deployed component while it is not part of the list of vetted cryptographic deployed components. As an example, FIPS 140-2 features a list of validated implementations.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to View
ChildOf	Ch Characteristic	9115	Security	Default Graph (primary)9001
ChildOf	Pr Practice	9136	Cryptography	Quality Issues Organized by Practices (primary)9002
CanPrecede	Co Consequence	9152	Unauthorized Access to Sensitive Information	Default Graph (primary)9001

Related Taxonomy Entries

Taxonomy	Version	Related ID
ASCSM	1	ASCSM-CWE-327
CWE	2.11	327

References

"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-327. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.

Page Last Updated or Reviewed: October 01, 2017


	This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2006-2024, The MITRE Corporation. CQE, CWE, and the CQE logo are trademarks of The MITRE Corporation. Contact cqe@mitre.org for more information.	Privacy policy Terms of use Contact us

Common Quality Enumeration

CQE-327: Broken or Risky Cryptographic Algorithm Usage

Related Taxonomy Entries