- What is CWE-259?
- The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
- What CVEs are caused by CWE-259?
- 161 recorded CVEs are attributed to CWE-259, including CVE-2024-32741, CVE-2022-45444, CVE-2014-2363.
- Is CWE-259 part of the OWASP Top 10?
- CWE-259 maps to OWASP Top Ten 2004: Broken Authentication and Session Management (A3) in the OWASP security taxonomy.
- How do you prevent CWE-259?
- For outbound authentication: store passwords outside of the code in a strongly-protected, encrypted configuration file or database that is protected from access by all outsiders, including other local users on the same system. Properly protect the key (CWE-320). If you cannot use encryption to protect the file, then make sure that the permissions are as restrictive as possible.
- How is CWE-259 detected?
- Manual Analysis: This weakness can be detected using tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session.
- What are the consequences of CWE-259?
- Exploiting CWE-259 can lead to: Gain Privileges or Assume Identity, Hide Activities, Reduce Maintainability.
- Is CWE-259 actively exploited?
- 161 recorded CVEs are caused by CWE-259; none are currently in CISA's KEV catalog of actively exploited flaws.