CWE-1393: Use of Default Password
Learn about CWE-1393 (Use of Default Password), its security impact, exploitation methods, and prevention guidelines.
What is Use of Default Password?
• Overview: Default passwords are pre-set passwords used in software products for authentication purposes. They are intended to simplify the installation and deployment processes but pose significant security risks if not changed.
• Exploitation Methods:
- Attackers exploit this vulnerability by using publicly available lists of default passwords to gain unauthorized access.
- Common attack patterns include automated scanning tools that test multiple systems for default credentials.
• Security Impact:
- Direct consequences include unauthorized access to sensitive systems and data.
- Potential cascading effects involve lateral movement within a network, leading to further system compromises.
- Business impact includes data breaches, loss of customer trust, and potential regulatory fines.
• Prevention Guidelines:
- Specific code-level fixes involve prompting users to change default passwords upon initial setup.
- Security best practices include enforcing strong password policies and regularly auditing credentials.
- Recommended tools and frameworks include security scanners that identify default passwords and configuration management tools to enforce password changes.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not Language-Specific
Affected Technologies: Not Technology-Specific, ICS/OT
Vulnerable Code Example
```python config.py {5-7}
class ApplicationConfig:
def __init__(self):
# Vulnerable: Using a default password for admin access
self.admin_password = "admin123" # This default password is easily guessable
def authenticate(self, password):
return password == self.admin_password
Explanation:
In the above code, the ApplicationConfig class uses a hardcoded default password (admin123) for administrative access. This is a security vulnerability because default passwords are often well-known or easily guessable, making them a common target for attackers. If the default password is not changed, unauthorized users can gain access to the system.
How to fix Use of Default Password?
To fix this vulnerability, it's essential to enforce a policy where default passwords must be changed during the initial setup. This can be achieved by:
- Prompting the user to set a new password during the first run of the application.
- Storing passwords securely using hashing techniques.
- Implementing checks to ensure that weak or default passwords cannot be reused.
By requiring users to choose strong, unique passwords, the security of the application is greatly improved.
Fixed Code Example
import hashlib
import os
class ApplicationConfig:
def __init__(self, password=None):
# Prompt user to set a new password if none is provided
if password is None:
password = input("Please set a strong password for admin access: ")
# Store the hashed password for security
self.admin_password_hash = self.hash_password(password)
def hash_password(self, password):
# Use a secure hashing algorithm with a salt
salt = os.urandom(32) # A new salt for this user
hashed_password = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
return salt + hashed_password # Store salt with the hash
def authenticate(self, password):
# Authentication now checks against the hashed password
salt = self.admin_password_hash[:32]
hashed_password = self.admin_password_hash[32:]
test_hash = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
return test_hash == hashed_password
Explanation:
In this fixed version, the application prompts the user to set a new password during initialization if none is provided. The new password is securely hashed using a strong hashing algorithm (sha256) combined with a random salt for each password. This approach significantly enhances security by ensuring that even if the password database is compromised, the passwords are not easily retrievable. Additionally, storing the salt with the hash ensures that each password is unique, even if the same password is used by different users. This method prevents the reuse of weak or default passwords, improving the overall security posture of the application.