CWE-305 – Authentication Bypass by Primary Weakness

Read Time:40 Second

Description

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-287

 

Consequences

Access Control: Bypass Protection Mechanism

 

Potential Mitigations

CVE References

  • CVE-2002-1374
    • The provided password is only compared against the first character of the real password.
  • CVE-2000-0979
    • The password is not properly checked, which allows remote attackers to bypass access controls by sending a 1-byte password that matches the first character of the real password.
  • CVE-2001-0088
    • Chain: Forum software does not properly initialize an array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the password and gain administrative privileges.

CWE-304 – Missing Critical Step in Authentication

Read Time:38 Second

Description

The software implements an authentication technique, but it skips a step that weakens the technique.

Authentication techniques should follow the algorithms that define them exactly, otherwise authentication can be bypassed or more easily subjected to brute force attacks.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-287
CWE-573

 

Consequences

Access Control, Integrity, Confidentiality: Bypass Protection Mechanism, Gain Privileges or Assume Identity, Read Application Data, Execute Unauthorized Code or Commands

This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or allowing attackers to execute arbitrary code.

 

Potential Mitigations

CVE References

  • CVE-2004-2163
    • Shared secret not verified in a RADIUS response packet, allowing authentication bypass by spoofing server replies.

CWE-303 – Incorrect Implementation of Authentication Algorithm

Read Time:19 Second

Description

The requirements for the software dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.

This incorrect implementation may allow authentication to be bypassed.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-287

 

Consequences

Access Control: Bypass Protection Mechanism

 

Potential Mitigations

CVE References

  • CVE-2003-0750
    • Conditional should have been an ‘or’ not an ‘and’.

CWE-302 – Authentication Bypass by Assumed-Immutable Data

Read Time:46 Second

Description

The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-287
CWE-807

 

Consequences

Access Control: Bypass Protection Mechanism

 

Potential Mitigations

Phase: Architecture and Design, Operation, Implementation

Description: 

Implement proper protection for immutable data (e.g. environment variable, hidden form fields, etc.)

CVE References

  • CVE-2002-1730
    • Authentication bypass by setting certain cookies to “true”.
  • CVE-2002-1734
    • Authentication bypass by setting certain cookies to “true”.
  • CVE-2004-1611
    • Product trusts authentication information in cookie.
  • CVE-2005-1708
    • Authentication bypass by setting admin-testing variable to true.
  • CVE-2005-1787
    • Bypass auth and gain privileges by setting a variable.

CWE-301 – Reflection Attack in an Authentication Protocol

Read Time:40 Second

Description

Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-287
CWE-327

 

Consequences

Access Control: Gain Privileges or Assume Identity

The primary result of reflection attacks is successful authentication with a target machine — as an impersonated user.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Use different keys for the initiator and responder or of a different type of challenge for the initiator and responder.

Phase: Architecture and Design

Description: 

Let the initiator prove its identity before proceeding.

CVE References

  • CVE-2005-3435
    • product authentication succeeds if user-provided MD5 hash matches the hash in its database; this can be subjected to replay attacks.

CWE-300 – Channel Accessible by Non-Endpoint

Read Time:1 Minute, 45 Second

Description

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

In order to establish secure communication between two parties, it is often important to adequately verify the identity of entities at each end of the communication channel. Inadequate or inconsistent verification may result in insufficient or incorrect identification of either communicating entity. This can have negative consequences such as misplaced trust in the entity at the other end of the channel. An attacker can leverage this by interposing between the communicating entities and masquerading as the original entity. In the absence of sufficient verification of identity, such an attacker can eavesdrop and potentially modify the communication between the original entities.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-923

 

Consequences

Confidentiality, Integrity, Access Control: Read Application Data, Modify Application Data, Gain Privileges or Assume Identity

An attacker could pose as one of the entities and read or possibly modify the communication.

 

Potential Mitigations

Phase: Implementation

Description: 

Always fully authenticate both ends of any communications channel.

Phase: Architecture and Design

Description: 

Adhere to the principle of complete mediation.

Phase: Implementation

Description: 

A certificate binds an identity to a cryptographic key to authenticate a communicating party. Often, the certificate takes the encrypted form of the hash of the identity of the subject, the public key, and information such as time of issue or expiration using the issuer’s private key. The certificate can be validated by deciphering the certificate with the issuer’s public key. See also X.509 certificate signature chains and the PGP certification structure.

CVE References

  • CVE-2014-1266
    • chain: incorrect “goto” in Apple SSL product bypasses certificate validation, allowing Adversry-in-the-Middle (AITM) attack (Apple “goto fail” bug). CWE-705 (Incorrect Control Flow Scoping) -> CWE-561 (Dead Code) -> CWE-295 (Improper Certificate Validation) -> CWE-393 (Return of Wrong Status Code) -> CWE-300 (Channel Accessible by Non-Endpoint).

CWE-30 – Path Traversal: ‘dir..filename’

Read Time:43 Second

Description

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize ‘dir..filename’ (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-23

 

Consequences

Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories

 

Potential Mitigations

Phase: Implementation

Description: 

Phase: Implementation

Description: 

Inputs should be decoded and canonicalized to the application’s current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

CVE References

  • CVE-2002-1987
    • Protection mechanism checks for “/..” but doesn’t account for Windows-specific “..” allowing read of arbitrary files.

CWE-299 – Improper Check for Certificate Revocation

Read Time:2 Minute, 8 Second

Description

The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.

An improper check for certificate revocation is a far more serious flaw than related certificate failures. This is because the use of any revoked certificate is almost certainly malicious. The most common reason for certificate revocation is compromise of the system in question, with the result that no legitimate servers will be using a revoked certificate, unless they are sorely out of sync.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-295
CWE-404

 

Consequences

Access Control: Gain Privileges or Assume Identity

Trust may be assigned to an entity who is not who it claims to be.

Integrity, Other: Other

Data from an untrusted (and possibly malicious) source may be integrated.

Confidentiality: Read Application Data

Data may be disclosed to an entity impersonating a trusted entity, resulting in information disclosure.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Ensure that certificates are checked for revoked status.

Phase: Implementation

Description: 

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the revoked status.

CVE References

  • CVE-2011-2014
    • LDAP-over-SSL implementation does not check Certificate Revocation List (CRL), allowing spoofing using a revoked certificate.
  • CVE-2011-0199
    • Operating system does not check Certificate Revocation List (CRL) in some cases, allowing spoofing using a revoked certificate.
  • CVE-2010-5185
    • Antivirus product does not check whether certificates from signed executables have been revoked.
  • CVE-2009-3046
    • Web browser does not check if any intermediate certificates are revoked.
  • CVE-2009-0161
    • chain: Ruby module for OCSP misinterprets a response, preventing detection of a revoked certificate.
  • CVE-2011-2701
    • chain: incorrect parsing of replies from OCSP responders allows bypass using a revoked certificate.
  • CVE-2011-0935
    • Router can permanently cache certain public keys, which would allow bypass if the certificate is later revoked.
  • CVE-2009-1358
    • chain: OS package manager does not properly check the return value, allowing bypass using a revoked certificate.
  • CVE-2009-0642
    • chain: language interpreter does not properly check the return value from an OSCP function, allowing bypass using a revoked certificate.
  • CVE-2008-4679
    • chain: web service component does not call the expected method, which prevents a check for revoked certificates.
  • CVE-2006-4410
    • Certificate revocation list not searched for certain certificates.
  • CVE-2006-4409
    • Product cannot access certificate revocation list when an HTTP proxy is being used.

CWE-298 – Improper Validation of Certificate Expiration

Read Time:54 Second

Description

A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age.

When the expiration of a certificate is not taken into account, no trust has necessarily been conveyed through it. Therefore, the validity of the certificate cannot be verified and all benefit of the certificate is lost.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: Low

 

Related Weaknesses

CWE-295
CWE-672

 

Consequences

Integrity, Other: Other

The data read from the system vouched for by the expired certificate may be flawed due to malicious spoofing.

Authentication, Other: Other

Trust afforded to the system in question – based on the expired certificate – may allow for spoofing attacks.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Check for expired certificates and provide the user with adequate information about the nature of the problem and how to proceed.

Phase: Implementation

Description: 

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the expiration.

CVE References

CWE-297 – Improper Validation of Certificate with Host Mismatch

Read Time:2 Minute, 15 Second

Description

The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: High

 

Related Weaknesses

CWE-923
CWE-295

 

Consequences

Access Control: Gain Privileges or Assume Identity

The data read from the system vouched for by the certificate may not be from the expected system.

Authentication, Other: Other

Trust afforded to the system in question – based on the malicious certificate – may allow for spoofing or redirection attacks.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.

Phase: Implementation

Description: 

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

CVE References

  • CVE-2012-5810
    • Mobile banking application does not verify hostname, leading to financial loss.
  • CVE-2012-5811
    • Mobile application for printing documents does not verify hostname, allowing attackers to read sensitive documents.
  • CVE-2012-5807
    • Software for electronic checking does not verify hostname, leading to financial loss.
  • CVE-2012-3446
    • Cloud-support library written in Python uses incorrect regular expression when matching hostname.