CWE-316 在内存中的明文存储

Cleartext Storage of Sensitive Information in Memory

结构: Simple

Abstraction: Variant

状态: Draft

被利用可能性: unkown

基本描述

The application stores sensitive information in cleartext in memory.

扩展描述

The sensitive memory might be saved to disk, stored in a core dump, or remain uncleared if the application crashes, or if the programmer does not properly clear the memory before freeing it.

It could be argued that such problems are usually only exploitable by those with administrator privileges. However, swapping could cause the memory to be written to disk and leave it accessible to physical attack afterwards. Core dump files might have insecure permissions or be stored in archive files that are accessible to untrusted people. Or, uncleared sensitive memory might be inadvertently exposed to attackers due to another weakness.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 312 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 312 cwe_View_ID: 699 cwe_Ordinal: Primary

适用平台

Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}

常见的影响

范围 影响 注释
Confidentiality Read Memory

分析过的案例

标识 说明 链接
CVE-2001-1517 Sensitive authentication information in cleartext in memory. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1517
BID:10155 Sensitive authentication information in cleartext in memory. http://www.securityfocus.com/bid/10155
CVE-2001-0984 Password protector leaves passwords in memory when window is minimized, even when "clear password when minimized" is set. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0984
CVE-2003-0291 SSH client does not clear credentials from memory. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0291

Notes

Relationship This could be a resultant weakness, e.g. if the compiler removes code that was intended to wipe memory. Terminology Different people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).

分类映射

映射的分类名 ImNode ID Fit Mapped Node Name
PLOVER Plaintext Storage in Memory
Software Fault Patterns SFP23 Exposed Data