Abstraction: Base · Status: Incomplete
CWE-640: Weak Password Recovery Mechanism for Forgotten Password
Category: auth
Description
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Common consequences · 3
- Access Control — Gain Privileges or Assume Identity: An attacker could gain unauthorized access to the system by retrieving a legitimate user's authentication credentials through the recovery mechanism.
- Availability — DoS: Resource Consumption (Other): An attacker could deny service to legitimate users by launching a brute-force attack on the password recovery mechanism using the user IDs of legitimate accounts (for example, triggering lockouts or flooding their mailboxes with reset messages).
- Integrity / Other — Other: The system's own security functionality (the recovery path) is turned against the system by the attacker.
Potential mitigations · 5
- [Architecture and Design]Make sure that all input supplied by the user to the password recovery mechanism is thoroughly filtered and validated.
- [Architecture and Design]Do not use standard weak security questions and use several security questions.
- [Architecture and Design]Make sure that there is throttling on the number of incorrect answers to a security question. Disable the password recovery functionality after a certain (small) number of incorrect guesses.
- [Architecture and Design]Require that the user properly answers the security question prior to resetting their password and sending the new password to the e-mail address of record.
- [Architecture and Design]Never allow the user to control what e-mail address the new password will be sent to in the password recovery mechanism.
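The five mitigations above describe one recovery flow: validate the request, gate it on a security question with throttling, and only then send a single-use secret to the address of record. The following is an added example of that flow, written for this page and not taken from CWE or from any product. The user store, injectable clock and outbox are hypothetical stand-ins for a database, the wall clock and a mailer; `weak_request_reset` is included only as the anti-pattern for contrast.

```python
"""Hardened password-recovery flow. Added example, not from CWE or any product.

Implements the mitigations above: input validation, a security-question gate
whose wrong answers are throttled and eventually disable recovery, a random
single-use reset token stored only as a hash and valid for a short window, and
delivery to the e-mail address of record, never to an address in the request.
"""
import hashlib
import hmac
import re
import secrets
import time
from dataclasses import dataclass, field
from typing import Callable

TOKEN_TTL_SECONDS = 15 * 60   # reset links expire quickly
MAX_FAILED_ATTEMPTS = 5       # wrong answers or tokens before recovery is disabled
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")
GENERIC_RESPONSE = "If that account exists, a reset link was sent to its registered address."

def normalize_answer(answer: str) -> str:
    """Security answers are compared case- and whitespace-insensitively."""
    return " ".join(answer.lower().split())

def hash_secret(value: str, salt: bytes) -> bytes:
    """Salted scrypt (stdlib) for the stored answer and the new password."""
    return hashlib.scrypt(value.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def make_user(email: str, answer: str) -> dict:
    """Constructed user record (hypothetical store); only a salted hash of the answer is kept."""
    salt = secrets.token_bytes(16)
    return {"email": email, "answer_salt": salt,
            "answer_hash": hash_secret(normalize_answer(answer), salt),
            "password_salt": None, "password_hash": None}

def weak_request_reset(users: dict, username: str, send_to: str, outbox: list) -> None:
    """Anti-pattern kept for contrast: the requester chooses the destination and
    the secret is a 6-digit PIN, which an unthrottled endpoint lets an attacker
    enumerate in at most a million guesses."""
    pin = f"{secrets.randbelow(10**6):06d}"
    users[username]["pin"] = pin
    outbox.append((send_to, pin))

@dataclass
class ResetRequest:
    token_hash: bytes   # SHA-256 of the token; a leaked table yields no usable tokens
    expires_at: float

@dataclass
class PasswordResetService:
    users: dict                                   # username -> user record
    clock: Callable[[], float] = time.time        # injectable for tests
    outbox: list = field(default_factory=list)    # (address, token) pairs "mailed"
    pending: dict = field(default_factory=dict)   # username -> ResetRequest
    failures: dict = field(default_factory=dict)  # username -> failed attempts

    def _locked(self, username: str) -> bool:
        return self.failures.get(username, 0) >= MAX_FAILED_ATTEMPTS

    def _fail(self, username: str) -> None:
        self.failures[username] = self.failures.get(username, 0) + 1

    def request_reset(self, username: str, answer: str) -> str:
        """Step 1: validate input, check the security answer, mail a token to the
        address of record. The reply is identical for unknown users, wrong answers
        and locked accounts, so the endpoint confirms nothing to a caller."""
        if not USERNAME_RE.match(username):        # input validation
            return GENERIC_RESPONSE
        user = self.users.get(username)
        if user is None or self._locked(username):
            return GENERIC_RESPONSE
        given = hash_secret(normalize_answer(answer), user["answer_salt"])
        if not hmac.compare_digest(user["answer_hash"], given):
            self._fail(username)                   # throttle wrong answers
            return GENERIC_RESPONSE
        token = secrets.token_urlsafe(32)          # 256 random bits, not guessable
        self.pending[username] = ResetRequest(
            hashlib.sha256(token.encode()).digest(), self.clock() + TOKEN_TTL_SECONDS)
        self.outbox.append((user["email"], token))  # address of record only
        return GENERIC_RESPONSE

    def complete_reset(self, username: str, token: str, new_password: str) -> bool:
        """Step 2: redeem the token once, within its lifetime, then set the password."""
        rec = self.pending.get(username)
        if rec is None or self._locked(username):
            return False
        if self.clock() > rec.expires_at:
            del self.pending[username]
            return False
        if not hmac.compare_digest(rec.token_hash, hashlib.sha256(token.encode()).digest()):
            self._fail(username)                   # throttle token guessing too
            return False
        del self.pending[username]                 # single use
        salt = secrets.token_bytes(16)
        self.users[username].update(password_salt=salt,
                                    password_hash=hash_secret(new_password, salt))
        self.failures.pop(username, None)
        return True
```

Two design choices are worth noting. The reset endpoint has no "send to" parameter at all, which is the only reliable way to satisfy the last mitigation; filtering a user-supplied address is not enough. And the lockout counter is shared between wrong answers and wrong tokens, so an attacker cannot skip the question and brute-force the token instead. In a real deployment the same counter should also be keyed by source address, and because security questions are a weak factor on their own (NIST SP 800-63B no longer recommends knowledge-based questions as a verifier), the question is best treated as one gate in front of the e-mailed token rather than as the sole proof of identity.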
Related CAPEC attack patterns · 1
References
Exploits (incoming) · 1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Password Recovery Exploitation (CAPEC-50) | 100% | live |
(incoming) · 46
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-10127 | 0% | live |
| Vulnerability | CVE-2025-12866 | 0% | live |
| Vulnerability | CVE-2025-13565 | 0% | live |
| Vulnerability | CVE-2025-15398 | 0% | live |
| Vulnerability | CVE-2025-1570 | 0% | live |
| Vulnerability | CVE-2025-22144 | 0% | live |
| Vulnerability | CVE-2025-31380 | 0% | live |
| Vulnerability | CVE-2025-32486 | 0% | live |
| Vulnerability | CVE-2025-41251 | 0% | live |
| Vulnerability | CVE-2025-4319 | 0% | live |
| Vulnerability | CVE-2025-4320 | 0% | live |
| Vulnerability | CVE-2025-43931 | 0% | live |
| Vulnerability | CVE-2025-43932 | 0% | live |
| Vulnerability | CVE-2025-4552 | 0% | live |
| Vulnerability | CVE-2025-47646 | 0% | live |
| Vulnerability | CVE-2025-50433 | 0% | live |
| Vulnerability | CVE-2025-50503 | 0% | live |
| Vulnerability | CVE-2025-50594 | 0% | live |
| Vulnerability | CVE-2025-52560 | 0% | live |
| Vulnerability | CVE-2025-6097 | 0% | live |
| Vulnerability | CVE-2025-6216 | 0% | live |
| Vulnerability | CVE-2025-62406 | 0% | live |
| Vulnerability | CVE-2025-62709 | 0% | live |
| Vulnerability | CVE-2025-63314 | 0% | live |
| Vulnerability | CVE-2025-64101 | 0% | live |
| Vulnerability | CVE-2025-64113 | 0% | live |
| Vulnerability | CVE-2025-66225 | 0% | live |
| Vulnerability | CVE-2025-69614 | 0% | live |
| Vulnerability | CVE-2025-8855 | 0% | live |
| Vulnerability | CVE-2026-1325 | 0% | live |
Showing top 30 of 46 by confidence.
Related by meaning · 6
Nearest entities by semantic similarity across the cs-graph corpus.