Insecurely generated token

Description

It is possible to crack the token's hash and obtain the information it is masking because it is not generated using a secure cryptographic mechanism.

Impact

Reuse session tokens after 14 days created.

Recommendation

Generate a token with random components without sensitive information.

Threat

Anonymous attacker from the Internet with access to the hash.

Expected Remediation Time

⌚ 60 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

Attack vector: N
Attack complexity: H
Privileges required: N
User interaction: N
Scope: U
Confidentiality: L
Integrity: L
Availability: N

Temporal

Exploit code madurity: P
Remediation level: X
Report confidence: R

Result

Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:R
Score:
- Base: 4.8
- Temporal: 4.4
Severity:
- Base: Medium
- Temporal: Medium

Code Examples

Compliant code

Secure and modern hashing algorithms are used by the application

function hashPassword(password) {
  this.salt = crypto.randomBytes(256).toString('hex');
  this.hash = crypto.pbkdf2Sync(password, this.salt, 1000, 64, `sha512`).toString(`hex`);
  return
}

Non compliant code

An insecure hashing algorithm is used to create the token hash

function hashPassword(password) {
  const md5sum = crypto.createHash('md5');
  const res = md5sum.update(password);
  return res;
}

Requirements

224. Use secure cryptographic mechanisms

Description​

Impact​

Recommendation​

Threat​

Expected Remediation Time​

Score​

Base​

Temporal​

Result​

Code Examples​

Compliant code​

Non compliant code​

Requirements​