CWE-347:Improper Verification of Cryptographic Signature
Weakness ID:347
Version:v4.17
Weakness Name:Improper Verification of Cryptographic Signature
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Draft
Likelihood of Exploit:
▼Description
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
▼Extended Description
▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| ChildOf | Discouraged | C | 345 | Insufficient Verification of Data Authenticity |
Nature: ChildOf
Mapping: Discouraged
Type: Class
ID: 345
▼Memberships
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 310 | Cryptographic Issues |
| MemberOf | Prohibited | C | 859 | The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC) |
| MemberOf | Prohibited | V | 884 | CWE Cross-section |
| MemberOf | Prohibited | C | 959 | SFP Secondary Cluster: Weak Cryptography |
| MemberOf | Prohibited | C | 1013 | Encrypt Data |
| MemberOf | Prohibited | C | 1214 | Data Integrity Issues |
| MemberOf | Prohibited | C | 1346 | OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures |
| MemberOf | Prohibited | C | 1402 | Comprehensive Categorization: Encryption |
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 859
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 959
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1346
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1402
▼Tags
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | BS | BOSS-294 | Not Language-Specific Weaknesses |
| MemberOf | Prohibited | BS | BOSS-311 | Execute Unauthorized Code or Commands (impact) |
| MemberOf | Prohibited | BS | BOSS-318 | Modify Application Data (impact) |
| MemberOf | Prohibited | BS | BOSS-332 | Gain Privileges or Assume Identity (impact) |
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-311
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-332
▼Relevant To View
Relevant to the view"Architectural Concepts - (1008)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 1013 | Encrypt Data |
Relevant to the view"Software Development - (699)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 1214 | Data Integrity Issues |
Relevant to the view"OWASP Top Ten (2021) - (1344)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 1346 | OWASP Top Ten 2021 Category A02:2021 - Cryptographic Failures |
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1346
Relevant to the view"Software Development - (699)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 310 | Cryptographic Issues |
Relevant to the view"Software Fault Pattern (SFP) Clusters - (888)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 959 | SFP Secondary Cluster: Weak Cryptography |
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 959
▼Background Detail
▼Common Consequences
| Scope | Likelihood | Impact | Note |
|---|---|---|---|
| Access ControlIntegrityConfidentiality | N/A | Gain Privileges or Assume IdentityModify Application DataExecute Unauthorized Code or Commands | An attacker could gain access to sensitive data and possibly execute unauthorized code. |
Scope: Access Control, Integrity, Confidentiality
Likelihood: N/A
Impact: Gain Privileges or Assume Identity, Modify Application Data, Execute Unauthorized Code or Commands
Note:
An attacker could gain access to sensitive data and possibly execute unauthorized code.
▼Potential Mitigations
▼Modes Of Introduction
Phase: Architecture and Design
Note:
N/A
Phase: Implementation
Note:
REALIZATION: This weakness is caused during implementation of an architectural security tactic.
▼Applicable Platforms
Languages
Class: Not Language-Specific(Undetermined Prevalence)
▼Demonstrative Examples
Example 1
In the following code, a JarFile object is created from a downloaded file.
Language: ( code)
N/A
Language: Java(Bad code)
File f = new File(downloadedFilePath);
JarFile jf = new JarFile(f);
Language: ( code)
N/A
The JAR file that was potentially downloaded from an untrusted source is created without verifying the signature (if present). An alternate constructor that accepts a boolean verify parameter should be used instead.
▼Observed Examples
| Reference | Description |
|---|---|
| CVE-2002-1796 | Does not properly verify signatures for "trusted" entities. |
| CVE-2005-2181 | Insufficient verification allows spoofing. |
| CVE-2005-2182 | Insufficient verification allows spoofing. |
| CVE-2002-1706 | Accepts a configuration file without a Message Integrity Check (MIC) signature. |
Reference: CVE-2002-1796
Description:
Does not properly verify signatures for "trusted" entities.
Reference: CVE-2005-2181
Description:
Insufficient verification allows spoofing.
Reference: CVE-2005-2182
Description:
Insufficient verification allows spoofing.
Reference: CVE-2002-1706
Description:
Accepts a configuration file without a Message Integrity Check (MIC) signature.
▼Affected Resources
▼Functional Areas
▼Weakness Ordinalities
| Ordinality | Description |
|---|
▼Detection Methods
Automated Static Analysis
Detection Method ID:DM-14
Description:
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness:High
Note:
N/A
▼Vulnerability Mapping Notes
Usage:Allowed
Reason:Acceptable-Use
Rationale:
This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments:
Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Suggestions:
▼Notes
▼Taxonomy Mappings
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|---|---|---|
| PLOVER | N/A | N/A | Improperly Verified Signature |
| The CERT Oracle Secure Coding Standard for Java (2011) | SEC06-J | N/A | Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar |
| ISA/IEC 62443 | Part 3-3 | N/A | Req SR 1.9 |
| ISA/IEC 62443 | Part 4-1 | N/A | Req SM-6 |
| ISA/IEC 62443 | Part 4-2 | N/A | Req EDR 3.12 |
| ISA/IEC 62443 | Part 4-2 | N/A | Req NDR 3.12 |
| ISA/IEC 62443 | Part 4-2 | N/A | Req HDR 3.12 |
Taxonomy Name: PLOVER
Entry ID: N/A
Fit: N/A
Entry Name: Improperly Verified Signature
Taxonomy Name: The CERT Oracle Secure Coding Standard for Java (2011)
Entry ID: SEC06-J
Fit: N/A
Entry Name: Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar
Taxonomy Name: ISA/IEC 62443
Entry ID: Part 3-3
Fit: N/A
Entry Name: Req SR 1.9
Taxonomy Name: ISA/IEC 62443
Entry ID: Part 4-1
Fit: N/A
Entry Name: Req SM-6
Taxonomy Name: ISA/IEC 62443
Entry ID: Part 4-2
Fit: N/A
Entry Name: Req EDR 3.12
Taxonomy Name: ISA/IEC 62443
Entry ID: Part 4-2
Fit: N/A
Entry Name: Req NDR 3.12
Taxonomy Name: ISA/IEC 62443
Entry ID: Part 4-2
Fit: N/A
Entry Name: Req HDR 3.12
▼Related Attack Patterns
▼References
Details not found