Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-257 (以可恢复格式存储口令) — Vulnerability Class 59

59 vulnerabilities classified as CWE-257 (以可恢复格式存储口令). AI Chinese analysis included.

CWE-257 represents a critical data storage weakness where passwords are kept in a recoverable format, such as reversible encryption or plaintext, rather than using one-way cryptographic hashing. This flaw is typically exploited by malicious insiders or attackers who gain access to the database, allowing them to decrypt stored credentials and engage in password reuse attacks across multiple systems. Because the original passwords can be retrieved, this practice offers no security advantage over storing them in plain text and significantly increases the blast radius of a breach. To avoid this vulnerability, developers must implement strong, salted hashing algorithms like bcrypt or Argon2, ensuring that passwords are irreversibly transformed and cannot be recovered even if the storage medium is compromised.

MITRE CWE Description
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
Common Consequences (2)
Confidentiality, Access ControlGain Privileges or Assume Identity
User's passwords may be revealed.
Access ControlGain Privileges or Assume Identity
Revealed passwords may be reused elsewhere to impersonate the users in question.
Mitigations (1)
Architecture and DesignUse strong, non-reversible encryption to protect stored passwords.
Examples (2)
Both of these examples verify a password by comparing it to a stored compressed version.
int VerifyAdmin(char *password) { if (strcmp(compress(password), compressed_password)) { printf("Incorrect Password!\n"); return(0); } printf("Entering Diagnostic Mode...\n"); return(1); }
Bad · C
int VerifyAdmin(String password) { if (passwd.Equals(compress(password), compressed_password)) { return(0); } //Diagnostic Mode return(1); }
Bad · Java
The following examples show a portion of properties and configuration files for Java and ASP.NET applications. The files include username and password information but they are stored in cleartext.
# Java Web App ResourceBundle properties file ... webapp.ldap.username=secretUsername webapp.ldap.password=secretPassword ...
Bad · Java
... <connectionStrings> <add name="ud_DEV" connectionString="connectDB=uDB; uid=db2admin; pwd=password; dbalias=uDB;" providerName="System.Data.Odbc" /> </connectionStrings> ...
Bad · ASP.NET
CVE IDTitleCVSSSeverityPublished
CVE-2024-32042 CyberPower PowerPanel business Storing Passwords in a Recoverable Format — PowerPanel business 4.9 Medium2024-05-15
CVE-2024-3543 LoadMaster Reversible Password Encryption Algorithm — LoadMaster 6.4 Medium2024-05-02
CVE-2024-1480 Unitronics Vision Standard Unauthenticated Password Retrieval — Vision230 7.5 High2024-04-19
CVE-2023-38738 IBM OpenPages with Watson information disclosure — OpenPages with Watson 6.8 Medium2024-01-19
CVE-2023-31001 IBM Security Access Manager Container information disclosure — Security Verify Access Appliance 5.1 Medium2024-01-11
CVE-2023-2358 Hitachi Vantara Pentaho Business Analytics Server – Password Stored in a Recoverable Format — Pentaho Business Analytics Server 4.3 Medium2023-09-26
CVE-2022-47376 BD Alaris Infusion Central 安全漏洞 — Alaris Infusion Central 7.5 -2023-06-13
CVE-2023-2881 Storing Passwords in a Recoverable Format in pimcore/customer-data-framework — pimcore/customer-data-framework 6.5 -2023-05-25
CVE-2023-31150 Storing Passwords in a Recoverable Format — SEL-3505 8.0 High2023-05-10
CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability — Azure Machine Learning 6.5 Medium2023-02-14
CVE-2022-32519 Schneider Electric StruxureWare Data Center Expert 安全漏洞 — Data Center Expert 8.0 High2023-01-30
CVE-2023-21726 Windows Credential Manager User Interface Elevation of Privilege Vulnerability — Windows 10 Version 1809 7.8 High2023-01-10
CVE-2022-46142 Siemens部分产品 安全漏洞 — RUGGEDCOM RM1224 LTE(4G) EU 5.7 Medium2022-12-13
CVE-2022-22251 cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges — Junos OS 7.8 High2022-10-18
CVE-2022-34838 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control — ABB Zenon 8.1 High2022-08-24
CVE-2022-34837 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control — ABB Zenon 6.2 Medium2022-08-24
CVE-2021-35050 User Credentials Stored in a Recoverable Format within Fidelis Network and Deception — Fidelis Network 6.5 Medium2021-06-25
CVE-2021-27485 ZOLL Defibrillator Dashboard 安全漏洞 — ZOLL Defibrillator Dashboard 6.5 -2021-06-16
CVE-2020-8296 Nextcloud 安全漏洞 — Nextcloud Server 6.5 -2021-03-03
CVE-2021-0220 Junos Space: Shared secrets stored in recoverable format and directly exposed through the UI — Junos Space 6.8 Medium2021-01-15
CVE-2019-18256 Biotronik CardioMessenger II-S 授权问题漏洞 — BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM 4.6 -2020-06-29
CVE-2019-19096 ABB eSOMS: REDIS clear text credentials — eSOMS 6.1 Medium2020-04-02
CVE-2019-3736 Dell EMC Integrated Data Protection Appliance ACM组件安全漏洞 — Integrated Data Protection Appliance 9.1 -2019-09-27
CVE-2019-1010241 CloudBees Jenkins Credentials Binding Plugin Jenkins插件信任管理问题漏洞 — Jenkins 6.5 -2019-07-19
CVE-2019-6567 Siemens Scalance X-300 信任管理问题漏洞 — SCALANCE X-200 switch family (incl. SIPLUS NET variants) 9.1 -2019-06-12
CVE-2019-5615 Rapid7 InsightVM Stored Credential Exposure — InsightVM 6.5 -2019-04-09
CVE-2018-10622 Medtronic MyCareLink 24950 Patient Monitor Storing Passwords in a Recoverable Format — 24950 MyCareLink Monitor 4.9 Medium2018-08-10
CVE-2018-5446 Medtronic 2090 Carelink Programmer Storing Passwords in a Recoverable Format — 2090 CareLink Programmer 4.9 Medium2018-05-04
CVE-2017-9942 Siemens SiPass integrated 安全漏洞 — SiPass integrated All versions before V2.70 7.8 -2017-08-08

Vulnerabilities classified as CWE-257 (以可恢复格式存储口令) represent 59 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.