CWE-640: Weak Password Recovery Mechanism for Forgotten Password
CWE Version: 4.18
Last Updated: 2025-09-09
Weakness Description
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Common Consequences
Scope: Access Control
Technical Impact: Gain Privileges or Assume Identity
Note: An attacker could gain unauthorized access to the system by retrieving a legitimate user's authentication credentials.
Scope: Availability
Technical Impact: DoS: Resource Consumption (Other)
Note: An attacker could deny service to legitimate system users by launching a brute-force attack on the password recovery mechanism using the user IDs of legitimate users.
Scope: Integrity; Other
Technical Impact: Other
Note: The system's security functionality is turned against the system by the attacker.
Potential Mitigations
Phase: Architecture and Design
Description: Make sure that all input supplied by the user to the password recovery mechanism is thoroughly filtered and validated.
Phase: Architecture and Design
Description: Do not use standard weak security questions, and use several security questions.
Phase: Architecture and Design
Description: Make sure that there is throttling on the number of incorrect answers to a security question. Disable the password recovery functionality after a certain (small) number of incorrect guesses.
Phase: Architecture and Design
Description: Require that the user properly answers the security question prior to resetting their password and sending the new password to the e-mail address of record.
Phase: Architecture and Design
Description: Never allow the user to control which e-mail address the new password will be sent to in the password recovery mechanism.
Phase: Architecture and Design
Description: Assign a new temporary password rather than revealing the original password.
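An added example, not part of the CWE entry, showing a recovery flow that applies the mitigations above: user input is validated, the security-question answer is compared in constant time against a salted hash, recovery is disabled after MAX_FAILED_ANSWERS wrong answers, a freshly generated temporary password replaces the old one, and mail goes only to the address on record. The Account class, recover_password function and in-memory outbox are assumptions made for this demonstration.

```python
import hashlib
import hmac
import re
import secrets
from dataclasses import dataclass
from typing import Optional

MAX_FAILED_ANSWERS = 3  # small guess budget before recovery is disabled for the account
USER_ID_RE = re.compile(r"^[a-z0-9_.-]{3,32}$")


@dataclass
class Account:  # assumed in-memory account record for the demonstration
    email_of_record: str              # the only address recovery mail may ever go to
    salt: bytes
    answer_hash: bytes                # salted hash of the security-question answer
    temp_password_hash: Optional[bytes] = None
    must_change_password: bool = False
    failed_answers: int = 0
    recovery_disabled: bool = False

def hash_secret(secret: str, salt: bytes) -> bytes:
    # Slow, salted hash so a leaked table reveals neither answers nor temporary passwords.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

def new_account(email: str, answer: str) -> Account:
    salt = secrets.token_bytes(16)
    return Account(email, salt, hash_secret(answer.strip().lower(), salt))

def recover_password(accounts: dict, user_id: str, answer: str, outbox: list) -> bool:
    """Return True when a temporary password was issued and mailed to the address of record."""
    if not USER_ID_RE.fullmatch(user_id):         # filter and validate all recovery input
        return False
    acct = accounts.get(user_id)
    if acct is None or acct.recovery_disabled:   # same response for unknown and locked users
        return False
    if not hmac.compare_digest(acct.answer_hash, hash_secret(answer.strip().lower(), acct.salt)):
        acct.failed_answers += 1
        if acct.failed_answers >= MAX_FAILED_ANSWERS:
            acct.recovery_disabled = True         # throttle: disable after a few wrong guesses
        return False
    acct.failed_answers = 0
    temp = secrets.token_urlsafe(12)              # assign a new temporary password, never the old one
    acct.temp_password_hash = hash_secret(temp, acct.salt)
    acct.must_change_password = True
    outbox.append((acct.email_of_record, temp))  # the requester cannot choose the destination
    return True
```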
Modes of Introduction
| Phase | Note |
|---|---|
| Architecture and Design | COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic. |
| Implementation | - |
Applicable Platforms
Languages
Taxonomy Mappings
| Taxonomy Name | Node ID | Node Name | Mapping Fit |
|---|---|---|---|
| WASC | 49 | Insufficient Password Recovery | - |