CVE-2023-27580
CodeIgniter Shield Password Shucking Vulnerability
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework. An improper implementation was found in the password storage process. All hashed passwords stored in Shield v1.0.0-beta.3 or earlier are easier to crack than expected due to the vulnerability. Therefore, they should be removed as soon as possible. If an attacker gets (1) the user's hashed password by Shield, and (2) the hashed password (SHA-384 hash without salt) from somewhere, the attacker may easily crack the user's password. Upgrade to Shield v1.0.0-beta.4 or later to fix this issue. After upgrading, all users’ hashed passwords should be updated (saved to the database). There are no known workarounds.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-03-04 CVE Reserved
- 2023-03-13 CVE Published
- 2024-08-02 CVE Updated
- 2024-10-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-916: Use of Password Hash With Insufficient Computational Effort
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html | Third Party Advisory | |
| https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pre-hashing-passwords | Not Applicable | |
| https://www.scottbrady91.com/authentication/beware-of-password-shucking | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/codeigniter4/shield/commit/ea9688dd01d100193d834117dbfc2cfabcf9ea0b | 2023-03-23 |
| URL | Date | SRC |
|---|---|---|
| https://github.com/codeigniter4/shield/blob/develop/UPGRADING.md | 2023-03-23 | |
| https://github.com/codeigniter4/shield/security/advisories/GHSA-c5vj-f36q-p9vg | 2023-03-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Codeigniter Search vendor "Codeigniter" | Shield Search vendor "Codeigniter" for product "Shield" | 1.0.0 Search vendor "Codeigniter" for product "Shield" and version "1.0.0" | beta |
Affected
| ||||||
| Codeigniter Search vendor "Codeigniter" | Shield Search vendor "Codeigniter" for product "Shield" | 1.0.0 Search vendor "Codeigniter" for product "Shield" and version "1.0.0" | beta2 |
Affected
| ||||||
| Codeigniter Search vendor "Codeigniter" | Shield Search vendor "Codeigniter" for product "Shield" | 1.0.0 Search vendor "Codeigniter" for product "Shield" and version "1.0.0" | beta3 |
Affected
| ||||||