CWE-526
Cleartext Storage of Sensitive Information in an Environment Variable
AI Translation Available
The product uses an environment variable to store unencrypted sensitive information.
Status
incomplete
Abstraction
variant
Affected Platforms
Extended Description
AI Translation
Information stored in an environment variable can be accessible by other processes with the execution context, including child processes that dependencies are executed in, or serverless functions in cloud environments. An environment variable's contents can also be inserted into messages, headers, log files, or other outputs. Often these other dependencies have no need to use the environment variable in question. A weakness that discloses environment variables could expose this information.
Technical Details
AI Translation
Common Consequences
confidentiality
Impacts
read application data
Detection Methods
automated static analysis
Potential Mitigations
Phases:
architecture and design
implementation
Descriptions:
•
If the environment variable is not necessary for the desired behavior, then remove it entirely, or clear it to an empty value.
•
Encrypt information stored in the environment variable to protect it from being exposed to an unauthorized user. If encryption is not feasible or is considered too expensive for the business use of the application, then consider using a properly protected configuration file instead of an environment variable. It should be understood that unencrypted information in a config file is also not guaranteed to be protected, but it is still a better choice, because it reduces attack surface related to weaknesses such as CWE-214. In some settings, vaults might be a feasible option for safer data transfer. Users should be notified of the business choice made to not protect the sensitive information through encryption.