Weak Authentication Method
ID | weak_authentication_method
Severity | high
Kind | Authentication
CWE | 287
Description
- Authentication Credentials Captured: An insecure authentication mechanism is in use, which gives an attacker on the network path access to the user ID and password of the authenticated user. For Basic Authentication, the attacker merely monitors the network traffic until a Basic Authentication request is received and then Base64-decodes the username and password. For Digest Authentication, the attacker obtains the username, and possibly also the password if the hash (which incorporates a nonce) can be cracked or if a man-in-the-middle attack is mounted. In either case the attacker eavesdrops on the network until an authentication has completed.
- Weak Authentication Method: HTTP Basic or Digest authentication has been used over an unsecured connection. The credentials can be read, and then reused, by anyone with access to the network.
Rationale
HTTP Basic and Digest authentication transmit credentials over the network in easily reversible formats. Basic Authentication uses Base64 encoding, which can be decoded instantly, while Digest Authentication exposes a password hash that can be cracked offline or replayed through a man-in-the-middle attack. An attacker monitoring network traffic on an unsecured connection can capture these credentials and reuse them to impersonate legitimate users. Without TLS encryption, these authentication mechanisms provide minimal protection against eavesdropping, making credential theft trivial for network-level attackers.
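The Description and Rationale above both come down to one observable condition: an `Authorization` (or `Proxy-Authorization`) header carrying the `Basic` or `Digest` scheme on a request that was not sent over TLS. The following Python is an added example, not the scanner's own rule implementation; it is a passive check that takes requests in a constructed `(URL, raw request headers)` shape (an assumption about how a proxy or capture parser would hand them over), flags the two schemes over plain `http://`, reports what a network observer learns from each (Basic is reversible Base64, so the username is recovered directly; for Digest only the username and the response hash are visible), and produces no finding for the same headers sent over `https://`, which is the mitigation the Rationale implies. All sample traffic, hostnames, nonces and hashes are constructed.

```python
import base64
import binascii
import re
from dataclasses import dataclass
from typing import Iterator, List, Optional, Tuple
from urllib.parse import urlsplit

# Metadata mirrors the rule table at the top of this page.
RULE_ID = "weak_authentication_method"
SEVERITY = "high"
CWE = 287

# Constructed sample traffic (not real captures): (request URL, raw request
# headers). The first two requests should be flagged; the third carries the
# same Basic header over TLS; the fourth uses a scheme this rule does not cover.
SAMPLE_REQUESTS: List[Tuple[str, str]] = [
    ("http://intranet.example.test/reports",
     "GET /reports HTTP/1.1\r\nHost: intranet.example.test\r\n"
     "Authorization: Basic YWxpY2U6czNjcmV0\r\n\r\n"),            # alice:s3cret (constructed)
    ("http://intranet.example.test/admin",
     "GET /admin HTTP/1.1\r\nHost: intranet.example.test\r\n"
     "Authorization: Digest username=\"bob\", realm=\"intranet\", "
     "nonce=\"0123456789abcdef\", uri=\"/admin\", "
     "response=\"00112233445566778899aabbccddeeff\"\r\n\r\n"),     # constructed nonce/response
    ("https://intranet.example.test/reports",
     "GET /reports HTTP/1.1\r\nHost: intranet.example.test\r\n"
     "Authorization: Basic YWxpY2U6czNjcmV0\r\n\r\n"),
    ("http://api.example.test/v1/items",
     "GET /v1/items HTTP/1.1\r\nHost: api.example.test\r\n"
     "Authorization: Bearer constructed-opaque-token\r\n\r\n"),
]


@dataclass
class Finding:
    url: str
    scheme: str               # "Basic" or "Digest"
    username: Optional[str]   # None when the credential could not be parsed
    exposure: str             # what a passive observer on the path learns
    rule_id: str = RULE_ID
    severity: str = SEVERITY
    cwe: int = CWE


# Digest credentials are a comma-separated parameter list; pull the quoted username.
_DIGEST_USER = re.compile(r'username\s*=\s*"((?:[^"\\]|\\.)*)"', re.IGNORECASE)


def _auth_header_values(raw_headers: str) -> Iterator[str]:
    """Yield the value of every Authorization / Proxy-Authorization header."""
    for line in raw_headers.split("\r\n")[1:]:   # [0] is the request line
        if not line:
            break                                  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() in ("authorization", "proxy-authorization"):
            yield value.strip()


def _basic_username(credential: str) -> Optional[str]:
    """Basic credentials are Base64("user:password"); recover only the user part."""
    try:
        decoded = base64.b64decode(credential, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, _, _password = decoded.partition(":")
    return user


def inspect_request(url: str, raw_headers: str) -> List[Finding]:
    """Return findings for Basic/Digest credentials sent without TLS."""
    if urlsplit(url).scheme.lower() == "https":
        return []   # TLS protects the header in transit: no finding for this rule
    findings: List[Finding] = []
    for value in _auth_header_values(raw_headers):
        scheme, _, credential = value.partition(" ")   # auth-scheme is case-insensitive
        if scheme.lower() == "basic":
            findings.append(Finding(url, "Basic", _basic_username(credential.strip()),
                                    "username and password (Base64 is reversible)"))
        elif scheme.lower() == "digest":
            match = _DIGEST_USER.search(credential)
            findings.append(Finding(url, "Digest", match.group(1) if match else None,
                                    "username and response hash (crackable offline)"))
    return findings


def scan(requests: List[Tuple[str, str]]) -> List[Finding]:
    """Run the check over a batch of (url, raw_headers) pairs."""
    findings: List[Finding] = []
    for url, raw in requests:
        findings.extend(inspect_request(url, raw))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_REQUESTS):
        print(f"[{f.severity}] {f.rule_id} (CWE-{f.cwe}): {f.scheme} auth over {f.url} "
              f"exposes {f.exposure}; user={f.username!r}")
```

The check keys on the request URL's scheme rather than on the presence of a TLS layer because that is what a proxy-side scanner usually has; when working from packet captures, substitute the transport's TLS state for the `https` test. The Bearer request is deliberately left unflagged: a bearer token over plaintext is also a problem, but it is a different rule with a different fix, and mixing the two blurs what this finding means.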