CVE-2026-1814
Insufficient Entropy Weakness in Rapid7 Nexpose Keystore Passwords
Publication date: 2026-02-03
Last updated on: 2026-02-09
Assigner: Rapid7, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rapid7 | nexpose | From 6.4.50 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-331 | The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Rapid7 Nexpose versions from 6.4.50 onward. The weakness is insufficient entropy (CWE-331) in the CredentialsKeyStorePassword.generateRandomPassword() method: when the application replaces a legacy keystore password, the new password it generates is only 7-12 characters long and always begins with the static prefix 'p'. The fixed prefix contributes no entropy and the short length leaves a keyspace small enough to search exhaustively.
An attacker who obtains the nsc.ks keystore file can brute-force that password on consumer-grade hardware and decrypt the credentials stored in the keystore.
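The following is an added example, not code from the page or from Rapid7, that quantifies the weakness described above. It takes only three facts from the description: a static leading 'p', a total length of 7-12 characters, and insufficient entropy. The character set of the remaining characters is not stated on the page, so the lowercase-plus-digits alphabet, the uniform length distribution and the guess rate are labelled assumptions. The `hypothetical_weak_generator` reproduces the described pattern for illustration only; it is not the vulnerable method. The `matches_weak_pattern` heuristic and `strong_keystore_password` are likewise the editor's, derived from the description rather than from any Rapid7 guidance.

```python
"""Keyspace analysis of a 'p' + 6..11 random characters password scheme.

Added example, not Rapid7's code.  Facts taken from the advisory: fixed
prefix 'p', total length 7-12, insufficient entropy (CWE-331).  The
alphabet below is an ASSUMPTION; the page does not state it.
"""
import math
import secrets
import string

WEAK_PREFIX = "p"                      # static prefix stated in the description
WEAK_MIN_LEN, WEAK_MAX_LEN = 7, 12     # total length range stated in the description
ASSUMED_ALPHABET = string.ascii_lowercase + string.digits   # assumption (36 symbols)


def keyspace_by_length(alphabet_size=len(ASSUMED_ALPHABET),
                       min_len=WEAK_MIN_LEN, max_len=WEAK_MAX_LEN,
                       prefix_len=len(WEAK_PREFIX)):
    """Distinct passwords per total length; the fixed prefix contributes none."""
    return {n: alphabet_size ** (n - prefix_len) for n in range(min_len, max_len + 1)}


def weak_keyspace(**kw):
    """Total number of distinct passwords the scheme can produce."""
    return sum(keyspace_by_length(**kw).values())


def entropy_bits(keyspace):
    """Upper bound on password entropy in bits, assuming uniform choice."""
    return math.log2(keyspace)


def expected_guesses(alphabet_size=len(ASSUMED_ALPHABET)):
    """Average guesses for a shortest-first search, assuming the generator
    picks the total length uniformly from 7..12 (an assumption)."""
    sizes = keyspace_by_length(alphabet_size)
    n_lengths = len(sizes)
    done = 0
    total = 0.0
    for n in sorted(sizes):
        # With probability 1/n_lengths the target has this length, and on
        # average it is found halfway through the bucket.
        total += (done + sizes[n] / 2) / n_lengths
        done += sizes[n]
    return total


def seconds_to_exhaust(keyspace, guesses_per_second):
    """Worst-case search time at an assumed guess rate (supply your own)."""
    return keyspace / guesses_per_second


def hypothetical_weak_generator():
    """Illustrates the PATTERN the advisory describes (hypothetical; not the
    vulnerable method).  The RNG here is fine; the keyspace is the problem."""
    n = WEAK_MIN_LEN + secrets.randbelow(WEAK_MAX_LEN - WEAK_MIN_LEN + 1)
    body = "".join(secrets.choice(ASSUMED_ALPHABET)
                   for _ in range(n - len(WEAK_PREFIX)))
    return WEAK_PREFIX + body


def matches_weak_pattern(password):
    """Heuristic derived from the description: a keystore password that is
    7-12 characters long and begins with 'p' is consistent with the scheme."""
    return (password.startswith(WEAK_PREFIX)
            and WEAK_MIN_LEN <= len(password) <= WEAK_MAX_LEN)


def strong_keystore_password(nbytes=32):
    """What a replacement should look like: 256 bits from the OS CSPRNG,
    no static prefix, a length far beyond any exhaustive search."""
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    ks = weak_keyspace()
    print(f"weak keyspace: {ks:.3e} (~{entropy_bits(ks):.1f} bits)")
    print(f"7-char bucket alone: {keyspace_by_length()[7]:.3e}")
    print(f"expected guesses, shortest-first: {expected_guesses():.3e}")
    print(f"hours at an assumed 1e9 guesses/s: {seconds_to_exhaust(ks, 1e9) / 3600:.1f}")
    print(f"sample weak-pattern password: {hypothetical_weak_generator()!r}")
    print(f"strong replacement: {strong_keystore_password()!r} ({8 * 32} bits)")
```

Two things the arithmetic makes visible that the paragraph does not: the whole scheme tops out below 57 bits even with the generous 36-symbol assumption, and because roughly one password in six is only 7 characters long, a shortest-first search finds a large fraction of targets after about 2 billion guesses. Plug the real alphabet and your keystore-cracker's rate into `seconds_to_exhaust` for a figure that applies to your hardware.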
How can this vulnerability impact me?
The vulnerability can expose the credentials that Nexpose stores in its keystore. An attacker who obtains the nsc.ks file can brute-force the weakly generated password and decrypt those credentials.
The decrypted credentials can then be used to escalate privileges, move laterally within the network, or access other protected resources, so the impact extends beyond the Nexpose host to every system those credentials unlock.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know