OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the A02 category "Cryptographic Failures" in the OWASP Top Ten 2021.


Cleartext Transmission of Sensitive Information

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Generation of Predictable IV with CBC Mode

The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary ...

Generation of Predictable Numbers or Identifiers

The product uses a scheme that generates numbers or identifiers that are more predictable than required.

Improper Following of a Certificate's Chain of Trust

The software does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate, resulting in incorrect trust of any reso...

Improper Verification of Cryptographic Signature

The software does not verify, or incorrectly verifies, the cryptographic signature for data.

Inadequate Encryption Strength

The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)

The software uses a Pseudo-Random Number Generator (PRNG) but does not correctly manage seeds.

Insufficient Entropy

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

Key Exchange without Entity Authentication

The software performs a key exchange with an actor without verifying the identity of that actor.

Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Predictable Seed in Pseudo-Random Number Generator (PRNG)

A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.

Reusing a Nonce, Key Pair in Encryption

Nonces should be used for the present occasion and only once.

Same Seed in Pseudo-Random Number Generator (PRNG)

A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mecha...

Unprotected Transport of Credentials

Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.

Use of a Broken or Risky Cryptographic Algorithm

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

Use of a Key Past its Expiration Date

The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attac...

Use of a One-Way Hash with a Predictable Salt

The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software uses a predictable salt as part of ...

Use of a One-Way Hash without a Salt

The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of...

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

Use of Hard-coded Cryptographic Key

The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.

Use of Insufficiently Random Values

The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Use of Password Hash With Insufficient Computational Effort

The software generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking a...

Use of RSA Algorithm without OAEP

The software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.

Use of Weak Hash

The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably...

Weak Encoding for Password

Obscuring a password with a trivial encoding does not protect the password.


Cryptographic Issues

Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniqu...

Deprecated or Obsolete

OWASP Top Ten 2007 Category A9 - Insecure Communications

Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2007.

OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection

Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2010.


Weaknesses in OWASP Top Ten (2021)

CWE entries in this view (graph) are associated with the OWASP Top Ten, as released in 2021.

See Also

  1. A02:2021 – Cryptographic Failures
  2. OWASP Top 10:2021

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.