Submission Details
Severity: high
Valid

[H-02] Anyone can overwrite the password due to lack of access control

Summary

The comment above `setPassword()` claims that "This function allows only the owner to set a new password".

However, the function does NOT impose any access control check.

As a result, anyone can set a new password, overwriting the previously stored `s_password`.

Vulnerability Details

Impact: High
Likelihood: High

The Foundry PoC below shows that anyone is able to set a new password using the `setPassword()` function:

```solidity
// Foundry PoC: a non-owner address calls setPassword() and the call succeeds.
// `attacker` and `passwordStore` are assumed to be declared in the test contract
// (an arbitrary address and the deployed PasswordStore instance).
function test_anyone_can_set_password() public {
    vm.startPrank(attacker);
    // Does NOT revert, so anyone can set a new password
    string memory overridingPassword = "ICanSetPasswordToo";
    passwordStore.setPassword(overridingPassword);
    vm.stopPrank();
}
```

This is clearly not the behaviour intended by the owner.
## Impact
High
## Tools Used
Manual Analysis
## Recommendations
Add the `msg.sender != s_owner` check and revert as shown below:

```solidity
function setPassword(string memory newPassword) external {
    // Only the owner may set a new password
    if (msg.sender != s_owner) {
        revert PasswordStore__NotOwner();
    }
    s_password = newPassword;
    emit SetNetPassword();
}
```
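To verify the fix, the following Foundry regression test is added here as an example; it is not part of the original submission or the PasswordStore project. It assumes a condensed `PasswordStore` whose constructor stores the deployer as `s_owner` and takes no arguments, and uses constructed test addresses `owner` and `attacker`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {Test} from "forge-std/Test.sol";

// Condensed PasswordStore with the recommended owner check applied (assumed
// layout: the constructor stores the deployer as s_owner, no constructor args).
contract PasswordStore {
    error PasswordStore__NotOwner();
    event SetNetPassword();
    address private s_owner;
    string private s_password;

    constructor() {
        s_owner = msg.sender;
    }

    function setPassword(string memory newPassword) external {
        if (msg.sender != s_owner) {
            revert PasswordStore__NotOwner();
        }
        s_password = newPassword;
        emit SetNetPassword();
    }
}

contract PasswordStoreAccessControlTest is Test {
    event SetNetPassword(); // mirrored so expectEmit can match the contract's event
    PasswordStore internal passwordStore;
    address internal owner = makeAddr("owner");       // constructed test addresses
    address internal attacker = makeAddr("attacker");

    function setUp() public {
        vm.prank(owner);                  // deployer becomes s_owner
        passwordStore = new PasswordStore();
    }

    // Regression test for H-02: a non-owner must now be rejected.
    function test_non_owner_cannot_set_password() public {
        vm.prank(attacker);
        vm.expectRevert(PasswordStore.PasswordStore__NotOwner.selector);
        passwordStore.setPassword("ICanSetPasswordToo");
    }

    // The fix must not lock out the legitimate owner.
    function test_owner_can_still_set_password() public {
        vm.prank(owner);
        vm.expectEmit(address(passwordStore));
        emit SetNetPassword();
        passwordStore.setPassword("ownerOnlySecret");
    }
}
```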

Updates

Lead Judging Commences

inallhonesty Lead Judge
about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-lacking-access-control

Anyone can call `setPassword` and set a new password contrary to the intended purpose.
