While the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives.
In this case, insecure cryptographic hashing algorithms are monitored.
Steps to Reproduce
While the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives.
In this case, insecure cryptographic hashing algorithms are monitored.
Business Impact
Remediation Resources
Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendation.
Guidance can be found for Android and from Apple.
Finding Description
While the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives. In this case, insecure cryptographic hashing algorithms are monitored.
Steps to Reproduce
While the application runs, cryptographic APIs are monitored to identify any insecure usage of cryptographic algorithms or primitives. In this case, insecure cryptographic hashing algorithms are monitored.
Business Impact
Remediation Resources
Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendation. Guidance can be found for Android and from Apple.
For more guidance on best practices in picking strong cryptography, please see OWASP's Cryptographic Storage Cheat Sheet.
Risk and Regulatory Information
Severity: low CVSS: 3.7
Application
See more detail in the NowSecure Report