Missing Support for Integrity Check
ID |
scala.cryptography.scala_crypto_rule_cipherintegrity |
Severity |
high |
Resource |
Cryptography |
Language |
Scala |
Description
The ciphertext produced is susceptible to alteration by an adversary. This mean that the cipher provides no way to detect that the data has been tampered with. If the ciphertext can be controlled by an attacker, it could be altered without detection.
Rationale
The ciphertext produced is susceptible to alteration by an adversary. This mean that the cipher provides no way to detect that the data has been tampered with. If the ciphertext can be controlled by an attacker, it could be altered without detection.
Remediation
Follow secure coding practices and review the references below for detailed remediation guidance.
References
-
OWASP Top 10 2021 - A02 : Cryptographic Failures.