CVEbaza.plCWE DictionaryCWE-780
Common Weakness Enumeration

CWE-780

Use of RSA Algorithm without OAEP

Category: VariantCVE: 3
Description

The product uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.

Extended Description

Padding schemes are often used with cryptographic algorithms to make the plaintext less predictable and complicate attack efforts. The OAEP scheme is often used with RSA to nullify the impact of predictable common text.

CVE vulnerabilities with CWE-780 (3)
7.7
CVSS
HIGH
CVE-2022-40722

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support Offline MFA with PingID mobile authenticators is vulnerable to pre-computed dictionary attacks, leading to a bypass of offline MFA.

pub. 2023-04-25
5.9
CVSS
MEDIUM
CVE-2024-51456

IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks.

pub. 2025-01-12
2.3
CVSS
LOW
CVE-2025-9071

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated messages, and loss of security proofs.

pub. 2025-08-29
Information
ID: CWE-780
Type: Variant
Vulnerabilities: 3
MITRE CWE ↗
← CWE Dictionary
CWE-780 — Use of RSA Algorithm without OAEP | CWE Dictionary | CVEbaza.pl