CWE-312: Cleartext Storage of Sensitive Information

Learn about CWE-312 (Cleartext Storage of Sensitive Information), its security impact, exploitation methods, and prevention guidelines.

What is Cleartext Storage of Sensitive Information?

• Overview: Cleartext Storage of Sensitive Information (CWE-312) occurs when sensitive data is stored without encryption or obfuscation, making it easily accessible to unauthorized users or attackers.

• Exploitation Methods:

  • Attackers can gain access to sensitive data by accessing storage resources such as databases, files, or logs that store information in cleartext.
  • Common attack patterns include unauthorized file access, database breaches, and interception of data during transport.

• Security Impact:

  • Direct consequences of successful exploitation include unauthorized access to sensitive information such as passwords, personal data, or financial information.
  • Potential cascading effects include identity theft, fraud, and further breaches due to compromised credentials.
  • Business impact can involve reputational damage, legal liabilities, and financial losses due to data breaches and non-compliance with regulations.

• Prevention Guidelines:

  • Specific code-level fixes include encrypting sensitive data at rest and in transit and, for passwords specifically, storing only a salted one-way hash rather than the password itself.
  • Security best practices involve using strong, industry-standard encryption algorithms and sound key management practices.
  • Recommended tools and frameworks include vetted encryption libraries, secure storage solutions, SSL/TLS for data in transit, and secure database configurations.

Corgea can automatically detect and fix Cleartext Storage of Sensitive Information in your codebase. Try Corgea free today.

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: Cloud Computing, ICS/OT, Mobile

Vulnerable Code Example

import sqlite3

def store_user_credentials(username, password):
    # Open a connection to the database
    conn = sqlite3.connect('users.db')
    cursor = conn.cursor()
    
    # WARNING: Storing password in cleartext!
    cursor.execute('''
        CREATE TABLE IF NOT EXISTS users (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            username TEXT NOT NULL,
            password TEXT NOT NULL
        )
    ''')
    
    # Insert the username and cleartext password
    cursor.execute('INSERT INTO users (username, password) VALUES (?, ?)', (username, password))
    conn.commit()
    conn.close()

Explanation

In this vulnerable code example, user credentials are stored directly in a database without any encryption or hashing. This exposes sensitive information (passwords) to anyone who can access the database. If the database is compromised, attackers can easily retrieve and misuse these passwords.

How to fix Cleartext Storage of Sensitive Information?

The main principle for fixing this vulnerability is never to store sensitive information like passwords in cleartext. Instead, use a strong one-way cryptographic hash function with a unique salt for each password. This ensures that even if an unauthorized entity gains access to the database, it cannot easily recover the actual passwords.

Fix Approach:

  • Use a password-hashing algorithm designed to be slow, such as bcrypt, Argon2, or PBKDF2 (a plain fast hash such as MD5 or SHA-256 is not a substitute).
  • Always apply a unique, randomly generated salt to each password before hashing to protect against rainbow table attacks.
  • Store only the hashed version of the password in the database; the cleartext password should never be written anywhere.

Fixed Code Example

import sqlite3
import bcrypt

def store_user_credentials(username, password):
    # Open a connection to the database
    conn = sqlite3.connect('users.db')
    cursor = conn.cursor()
    
    # Use bcrypt to hash the password before storing.
    # gensalt() picks a random salt; hashpw() embeds that salt (and the cost
    # factor) in the value it returns, so no separate salt column is needed.
    salt = bcrypt.gensalt()
    hashed_password = bcrypt.hashpw(password.encode('utf-8'), salt)
    
    cursor.execute('''
        CREATE TABLE IF NOT EXISTS users (
            id INTEGER PRIMARY KEY AUTOINCREMENT,
            username TEXT NOT NULL,
            password BLOB NOT NULL
        )
    ''')
    
    # Insert the username and hashed password
    cursor.execute('INSERT INTO users (username, password) VALUES (?, ?)', (username, hashed_password))
    conn.commit()
    conn.close()

Explanation

In the fixed code example:

  • We import bcrypt to securely hash passwords.
  • Before storing the password, we generate a salt and hash the password using bcrypt.hashpw.
  • The database now stores the hashed password instead of the cleartext password, protecting the credential from exposure even if the table is read by an attacker.
  • The password column type is changed to BLOB to accommodate the binary value returned by bcrypt.hashpw.

By following these steps, the security of stored user credentials is greatly enhanced, mitigating the risk of cleartext password exposure.
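The fix above relies on the third-party bcrypt package. The following added example (not code from the original page or from Corgea) shows the same approach with PBKDF2-HMAC-SHA256 from the Python standard library, which the page also lists as an acceptable algorithm, plus two pieces a practitioner usually needs alongside the storage code: a verification routine that compares digests in constant time, and an audit check that scans the users table for rows whose password column is not a hash record, which is how legacy cleartext rows can be found after the storage code has been fixed. The record format, the iteration count and the table layout are assumptions made for this example; the in-memory database and the sample users are constructed test data.

```python
import hashlib
import hmac
import secrets
import sqlite3

# Assumed parameters for this example (not from the original page):
# PBKDF2-HMAC-SHA256, a 16-byte random salt per password, and 600,000
# iterations. The stored value is self-describing so the parameters can be
# raised later without breaking verification of older records.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<digest hex>'.

    A fresh random salt is drawn on every call, so hashing the same
    password twice yields two different records.
    """
    salt = secrets.token_bytes(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt/iterations and compare it
    in constant time. Anything that is not a well-formed record fails."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return False
    _, iterations, salt_hex, digest_hex = parts
    try:
        salt = bytes.fromhex(salt_hex)
        rounds = int(iterations)
    except ValueError:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(digest.hex(), digest_hex)


# Record used to keep the cost of a failed lookup similar to a real one,
# so that response time does not reveal whether a username exists.
_DUMMY_RECORD = hash_password(secrets.token_hex(16))


def open_db() -> sqlite3.Connection:
    """Constructed in-memory database with the same table shape as the page."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE IF NOT EXISTS users ("
        "id INTEGER PRIMARY KEY AUTOINCREMENT,"
        "username TEXT NOT NULL UNIQUE,"
        "password TEXT NOT NULL)"
    )
    return conn


def store_user_credentials(conn: sqlite3.Connection, username: str, password: str) -> None:
    """Only the hash record is written; the cleartext password never reaches the database."""
    conn.execute(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        (username, hash_password(password)),
    )
    conn.commit()


def authenticate(conn: sqlite3.Connection, username: str, password: str) -> bool:
    row = conn.execute("SELECT password FROM users WHERE username = ?", (username,)).fetchone()
    if row is None:
        verify_password(password, _DUMMY_RECORD)  # burn comparable time, then reject
        return False
    return verify_password(password, row[0])


def find_cleartext_rows(conn: sqlite3.Connection) -> list:
    """Audit check: usernames whose password column is not a hash record.

    Rows inserted by older code that stored the raw password (the vulnerable
    example on this page) will not carry the algorithm prefix.
    """
    suspicious = []
    for username, stored in conn.execute("SELECT username, password FROM users"):
        parts = stored.split("$")
        if len(parts) != 4 or parts[0] != ALGORITHM:
            suspicious.append(username)
    return suspicious


if __name__ == "__main__":
    db = open_db()
    store_user_credentials(db, "alice", "correct horse battery staple")
    # Simulate a row left behind by the vulnerable version of the code.
    db.execute("INSERT INTO users (username, password) VALUES (?, ?)", ("legacy", "hunter2"))
    db.commit()
    print("alice login:", authenticate(db, "alice", "correct horse battery staple"))
    print("cleartext rows:", find_cleartext_rows(db))
```

The audit function is the piece that turns a code fix into a data fix: once storage is corrected, every row it reports still holds a password in cleartext and should be handled by forcing a reset or rehashing at next successful login.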


Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-312: Cleartext Storage of Sensitive Information and get remediation guidance

Start for free and no credit card needed.