CWE-327: Use of a Broken or Risky Cryptographic Algorithm

low-risk

The product uses a broken or risky cryptographic algorithm or protocol.

Abstraction: Class

Common Consequences

Confidentiality → Read Application Data

Integrity → Modify Application Data

Accountability → Hide Activities

Detection Methods

Automated Analysis

Automated methods may be useful for recognizing commonly-used libraries or features that have become obsolete.

Manual Analysis

This weakness can be detected using tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session.

Automated Static Analysis - Binary or Bytecode

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Bytecode Weakness Analysis - including disassembler + source code weakness analysis Binary Weakness Analysis - including disassembler + source code weakness analysis Binary / Bytecode simple extractor - strings, ELF readers, etc.

Manual Static Analysis - Binary or Bytecode

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Binary / Bytecode disassembler - then use manual analysis for vulnerabilities & anomalies

Dynamic Analysis with Automated Results Interpretation

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Web Application Scanner Web Services Scanner Database Scanners

Dynamic Analysis with Manual Results Interpretation

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Man-in-the-middle attack tool Cost effective for partial coverage: Framework-based Fuzzer Automated Monitored Execution Monitored Virtual Environment - run potentially malicious code in sandbox / wrapper / virtual machine, see if it does anything suspicious

Manual Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Manual Source Code Review (not inspections) Cost effective for partial coverage: Focused Manual Spotcheck - Focused manual analysis of source

Automated Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Source code Weakness Analyzer Context-configured Source Code Weakness Analyzer

Automated Static Analysis

According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Configuration Checker

Architecture or Design Review

According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Formal Methods / Correct-By-Construction Cost effective for partial coverage: Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)

Real-World Examples (10)

CVE	CVSS	EPSS	KEV
CVE-2023-34039	9.8	93.2%	—
CVE-2017-17382	5.9	78.3%	—
CVE-2017-17428	5.9	77.0%	—
CVE-2022-3365	9.8	52.6%	—
CVE-2014-8687	9.8	49.9%	—
CVE-2016-6602	9.8	47.8%	—
CVE-2018-0737	5.9	38.1%	—
CVE-2015-9235	9.8	32.5%	—
CVE-2025-2539	7.5	20.8%	—
CVE-2024-36823	7.5	11.8%	—

/ 100

low-risk

Active Threat 2/50 · Minimal

Exploit Availability 0/50 · Minimal