CWE-759: Use of a One-Way Hash without a Salt
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.
常见后果
影响范围: Access Control
技术影响: Bypass Protection Mechanism Gain Privileges or Assume Identity
说明: If an attacker can gain access to the hashes, then the lack of a salt makes it easier to conduct brute force attacks using techniques such as rainbow tables.
潜在缓解措施
阶段: Architecture and Design
有效性: High
阶段: Architecture and Design
描述: If a technique that requires extra computational effort can not be implemented, then for each password that is processed, generate a new random salt using a strong random number generator with unpredictable seeds. Add the salt to the plaintext password before hashing it. When storing the hash, also store the salt. Do not use the same salt for every password.
有效性: Limited
阶段: Implementation Architecture and Design
描述: When using industry-approved techniques, use them correctly. Don't cut corners by skipping resource-intensive steps (CWE-325). These steps are often essential for preventing common attacks.
检测方法
方法: Automated Static Analysis - Binary or Bytecode
有效性: SOAR Partial
方法: Manual Static Analysis - Binary or Bytecode
有效性: SOAR Partial
方法: Manual Static Analysis - Source Code
有效性: High
方法: Automated Static Analysis - Source Code
有效性: High
方法: Automated Static Analysis
有效性: SOAR Partial
方法: Architecture or Design Review
有效性: High
观察示例
参考: CVE-2008-1526
Router does not use a salt with a hash, making it easier to crack passwords.
参考: CVE-2006-1058
Router does not use a salt with a hash, making it easier to crack passwords.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |