Whilst the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives.
In this case, insecure cryptographic hashing algorithms are monitored.
Steps to Reproduce
Whilst the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives.
In this case, insecure cryptographic hashing algorithms are monitored.
Business Impact
Remediation Resources
Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendatiosn.
Guidance can be found for Android and from Apple.
Finding Description
Whilst the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives. In this case, insecure cryptographic hashing algorithms are monitored.
Steps to Reproduce
Whilst the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives. In this case, insecure cryptographic hashing algorithms are monitored.
Business Impact
Remediation Resources
Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendatiosn. Guidance can be found for Android and from Apple.
For more guidance on best practices in picking strong cryptography, please see OWASP's Cryptographic Storage Cheat Sheet.
Risk and Regulatory Information
Severity: low CVSS: 3.7
Application
See more detail in the NowSecure Report