CWE-314: Cleartext Storage in the Registry

Description

The product stores sensitive information in cleartext in the registry.

Extended Description

Attackers can read the information by accessing the registry key. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.

ThreatScore

Threat Mapped score: 3.0

Industry: Finiancial

Threat priority: P2 - Serious (High)

Observed Examples (CVEs)

CVE: CVE-2005-2227

Cleartext passwords in registry key.

Related Attack Patterns (CAPEC)

CAPEC-37

Attack TTPs

T1005 — Data from Local System (collection)
T1552.004 — Private Keys (credential-access)

Malware

APTs (Intrusion Sets)

Modes of Introduction

Phase	Note
Architecture and Design	OMISSION: This weakness is caused by missing a security tactic during the architecture and design phase.

Common Consequences

Impact: Read Application Data — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

N/A

Notes

Terminology: Different people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).

← Back to CWE list