Insecure Authentication
ID: go.insecure_authentication
Severity: high
Resource: Information Leak
Language: Go
Tags: CWE:319, NIST.SP.800-53, OWASP:2021:A4, PCI-DSS:6.5.4, PCI-DSS:6.5.6
Description
Insecure authentication occurs when authentication credentials, such as passwords, are transmitted over an insecure channel, such as HTTP, making them vulnerable to interception.
Rationale
Insecure authentication is a significant vulnerability that arises when sensitive information, like passwords or tokens, is transmitted without proper encryption. This usually happens over unsecured communication channels, like HTTP, where attackers can easily intercept and capture these credentials.
Here’s a Golang example illustrating insecure authentication:
package insecure_authentication

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	client := &http.Client{}
	// Plain http:// URL: everything on this request, including the
	// Authorization header, is sent in cleartext.
	req, err := http.NewRequest("GET", "http://example.com", nil)
	if err != nil {
		fmt.Println("Error creating request:", err)
		return
	}
	req.SetBasicAuth("user", "pass") // FLAW
	resp, err := client.Do(req)
	if err != nil {
		fmt.Println("Error making request:", err)
		return
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body) // io.ReadAll replaces the deprecated ioutil.ReadAll
	if err != nil {
		fmt.Println("Error reading response:", err)
		return
	}
	fmt.Println("Response:", string(body))
}
Remediation
To remediate this vulnerability, ensure that all sensitive information is transmitted over secure channels such as HTTPS. This ensures that the data is encrypted in transit.
Here’s the corrected version of the previous example:
package insecure_authentication

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	client := &http.Client{}
	// https:// URL: the request, including the Authorization header, travels
	// inside a TLS session.
	req, err := http.NewRequest("GET", "https://example.com", nil)
	if err != nil {
		fmt.Println("Error creating request:", err)
		return
	}
	req.SetBasicAuth("user", "pass") // credentials are now sent over an encrypted channel
	resp, err := client.Do(req)
	if err != nil {
		fmt.Println("Error making request:", err)
		return
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body) // io.ReadAll replaces the deprecated ioutil.ReadAll
	if err != nil {
		fmt.Println("Error reading response:", err)
		return
	}
	fmt.Println("Response:", string(body))
}
Additionally, consider implementing further security measures such as multi-factor authentication and using secure password storage mechanisms like bcrypt for hash-based password handling.
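The corrected example above depends on the URL literal being right. As an added example that is not part of this rule's documentation, the client below enforces the same remediation in code: credentials are attached only after the scheme is confirmed to be https, and a wrapping transport refuses any plaintext request before it reaches the network. The names (checkScheme, tlsOnlyTransport, NewTLSOnlyClient, NewAuthenticatedRequest) and the example.com URLs are assumptions made for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/url"
)

// ErrInsecureScheme is returned whenever credentials would travel over plaintext.
var ErrInsecureScheme = errors.New("refusing to send credentials over a non-HTTPS URL")

// checkScheme is the single policy check: only "https" may carry credentials.
func checkScheme(u *url.URL) error {
	if u == nil || u.Scheme != "https" {
		return ErrInsecureScheme
	}
	return nil
}

// tlsOnlyTransport rejects non-HTTPS requests before they reach the network, so a
// mistyped URL or a downgrade redirect cannot put the Authorization header on the wire.
type tlsOnlyTransport struct{ next http.RoundTripper }

func (t *tlsOnlyTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	if err := checkScheme(req.URL); err != nil {
		return nil, err
	}
	return t.next.RoundTrip(req)
}

// NewTLSOnlyClient returns an http.Client whose transport refuses plaintext URLs.
func NewTLSOnlyClient() *http.Client {
	return &http.Client{Transport: &tlsOnlyTransport{next: http.DefaultTransport}}
}

// NewAuthenticatedRequest attaches Basic auth only after the scheme check passes.
func NewAuthenticatedRequest(rawURL, user, pass string) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodGet, rawURL, nil)
	if err != nil {
		return nil, err
	}
	if err := checkScheme(req.URL); err != nil {
		return nil, err
	}
	req.SetBasicAuth(user, pass)
	return req, nil
}

func main() {
	// Constructed URL: the check fails before any connection is opened.
	_, err := NewAuthenticatedRequest("http://example.com", "user", "pass")
	fmt.Println("plaintext URL:", err)
}
```

The transport check also catches the case where a correct https:// URL is later replaced by an http:// one through configuration or a redirect, which a one-time URL review would miss.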
References
- CWE-319: Cleartext Transmission of Sensitive Information.