CWE-257
AllowedStoring Passwords in a Recoverable Format
Abstraction: Base · Status: Incomplete
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
115 vulnerabilities reference this CWE, most recent first.
CVE-2017-9942 (GCVE-0-2017-9942)
Vulnerability from cvelistv5 – Published: 2017-08-08 00:00 – Updated: 2024-08-05 17:24- CWE-257 - Storing Passwords in a Recoverable Format
| URL | Tags |
|---|---|
| https://www.siemens.com/cert/pool/cert/siemens_se… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/99578 | vdb-entryx_refsource_BID |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | SiPass integrated All versions before V2.70 |
Affected:
SiPass integrated All versions before V2.70
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:24:59.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99578"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiPass integrated All versions before V2.70",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "SiPass integrated All versions before V2.70"
}
]
}
],
"datePublic": "2017-08-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-08T09:57:01.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99578"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-9942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiPass integrated All versions before V2.70",
"version": {
"version_data": [
{
"version_value": "SiPass integrated All versions before V2.70"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257: Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99578"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2017-9942",
"datePublished": "2017-08-08T00:00:00.000Z",
"dateReserved": "2017-06-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:24:59.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-15058 (GCVE-0-2016-15058)
Vulnerability from cvelistv5 – Published: 2026-04-03 21:59 – Updated: 2026-05-14 02:06- CWE-257 - Storing Passwords in a Recoverable Format
| URL | Tags |
|---|---|
| https://assets.belden.com/m/1d8273c6205dc400/orig… | vendor-advisory |
| https://www.kb.cert.org/vuls/id/507216 | |
| https://www.vulncheck.com/advisories/hirschmann-h… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Belden | Hirschmann HiLCOS Classic Platform |
Unaffected:
>= 09.0.06
(custom)
Unaffected: >= 05.3.07 (custom) Affected: 0 , ≤ 09.0.05 (custom) Affected: 0 , ≤ 05.3.06 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-15058",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-07T14:17:16.881399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T14:17:23.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Hirschmann HiLCOS Classic Platform",
"vendor": "Belden",
"versions": [
{
"status": "unaffected",
"version": "\u003e= 09.0.06",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "\u003e= 05.3.07",
"versionType": "custom"
},
{
"lessThanOrEqual": "09.0.05",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "05.3.06",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2016-12-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T02:06:27.357Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf"
},
{
"url": "https://www.kb.cert.org/vuls/id/507216"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Hirschmann HiLCOS Classic Platform Password Exposure via SNMP"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2016-15058",
"datePublished": "2026-04-03T21:59:07.731Z",
"dateReserved": "2026-04-03T21:50:15.953Z",
"dateUpdated": "2026-05-14T02:06:27.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
GHSA-27GG-Q2PJ-F574
Vulnerability from github – Published: 2024-11-26 09:30 – Updated: 2025-11-04 18:31User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
{
"affected": [],
"aliases": [
"CVE-2024-32151"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-26T08:15:05Z",
"severity": "MODERATE"
},
"details": "User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].",
"id": "GHSA-27gg-q2pj-f574",
"modified": "2025-11-04T18:31:30Z",
"published": "2024-11-26T09:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32151"
},
{
"type": "WEB",
"url": "https://global.sharp/products/copier/info/info_security_2024-05.html"
},
{
"type": "WEB",
"url": "https://jp.sharp/business/print/information/info_security_2024-05.html"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU93051062"
},
{
"type": "WEB",
"url": "https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.co.jp/information/20240531_02.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/20240531_02.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jul/0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2GX2-4QJJ-49CH
Vulnerability from github – Published: 2026-04-14 18:30 – Updated: 2026-04-14 18:30A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration.
{
"affected": [],
"aliases": [
"CVE-2026-22576"
],
"database_specific": {
"cwe_ids": [
"CWE-257",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T16:16:36Z",
"severity": "MODERATE"
},
"details": "A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated remote attacker to retrieve passwords for multiple installed connectors via server address modification in connector configuration.",
"id": "GHSA-2gx2-4qjj-49ch",
"modified": "2026-04-14T18:30:35Z",
"published": "2026-04-14T18:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22576"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-26-104"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2V44-WC7V-87RM
Vulnerability from github – Published: 2025-03-24 15:30 – Updated: 2025-03-24 15:30The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator.
This issue affect SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch 6.30@a03.9, which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched.
{
"affected": [],
"aliases": [
"CVE-2024-8774"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-24T13:15:25Z",
"severity": "HIGH"
},
"details": "The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator.\n\nThis issue affect SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch 6.30@a03.9, which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched.",
"id": "GHSA-2v44-wc7v-87rm",
"modified": "2025-03-24T15:30:45Z",
"published": "2025-03-24T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8774"
},
{
"type": "WEB",
"url": "https://cert.pl/en/posts/2025/03/CVE-2024-8773"
},
{
"type": "WEB",
"url": "https://cert.pl/posts/2025/03/CVE-2024-8773"
},
{
"type": "WEB",
"url": "https://simple.com.pl/produkty/simple-erp/dla-kogo"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2VJV-2JWR-W8HR
Vulnerability from github – Published: 2025-08-20 06:30 – Updated: 2025-08-21 15:30An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.
{
"affected": [],
"aliases": [
"CVE-2025-57789"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T04:16:03Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.",
"id": "GHSA-2vjv-2jwr-w8hr",
"modified": "2025-08-21T15:30:33Z",
"published": "2025-08-20T06:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57789"
},
{
"type": "WEB",
"url": "https://documentation.commvault.com/securityadvisories/CV_2025_08_4.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-3877-QFCM-54MW
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.
{
"affected": [],
"aliases": [
"CVE-2017-9942"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-08T00:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.",
"id": "GHSA-3877-qfcm-54mw",
"modified": "2022-05-13T01:36:04Z",
"published": "2022-05-13T01:36:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9942"
},
{
"type": "WEB",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99578"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3H49-GMXG-3C7G
Vulnerability from github – Published: 2025-04-18 21:31 – Updated: 2025-04-18 21:31An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component.
{
"affected": [],
"aliases": [
"CVE-2025-25983"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-18T20:15:16Z",
"severity": "LOW"
},
"details": "An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro android application 2.1.64 allows an attacker to obtain sensitive information via the QE code based sharing component.",
"id": "GHSA-3h49-gmxg-3c7g",
"modified": "2025-04-18T21:31:20Z",
"published": "2025-04-18T21:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25983"
},
{
"type": "WEB",
"url": "https://github.com/vladko312/Research_v380_IP_camera"
},
{
"type": "WEB",
"url": "https://github.com/vladko312/Research_v380_IP_camera/blob/main/CVE-2025-25983.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3M3J-3MX3-JMXC
Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2025-01-14 12:31Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
{
"affected": [],
"aliases": [
"CVE-2022-46142"
],
"database_specific": {
"cwe_ids": [
"CWE-257",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-13T16:15:00Z",
"severity": "MODERATE"
},
"details": "Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.",
"id": "GHSA-3m3j-3mx3-jmxc",
"modified": "2025-01-14T12:31:47Z",
"published": "2022-12-13T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46142"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-4FCM-4JR3-58FG
Vulnerability from github – Published: 2024-05-15 21:31 – Updated: 2024-05-15 21:31The key used to encrypt passwords stored in the database can be found in the CyberPower PowerPanel
application code, allowing the passwords to be recovered.
{
"affected": [],
"aliases": [
"CVE-2024-32042"
],
"database_specific": {
"cwe_ids": [
"CWE-257"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-15T20:15:11Z",
"severity": "MODERATE"
},
"details": "The key used to encrypt passwords stored in the database can be found in\n the \nCyberPower PowerPanel\n\napplication code, allowing the passwords to be recovered.",
"id": "GHSA-4fcm-4jr3-58fg",
"modified": "2024-05-15T21:31:25Z",
"published": "2024-05-15T21:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32042"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01"
},
{
"type": "WEB",
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Use strong, non-reversible encryption to protect stored passwords.
CAPEC-49: Password Brute Forcing
An adversary tries every possible value for a password until they succeed. A brute force attack, if feasible computationally, will always be successful because it will essentially go through all possible passwords given the alphabet used (lower case letters, upper case letters, numbers, symbols, etc.) and the maximum length of the password.