Trusting Self-reported IP Address| ID: 291 | Date: (C)2012-05-14 (M)2022-10-10 |
| Type: compound element | Status: INCOMPLETE |
| Abstraction Type: Variant |
Description
The use of IP addresses as authentication is flawed and can
easily be spoofed by malicious users.
Likelihood of Exploit: High
Applicable PlatformsLanguage Class: All
Time Of Introduction
Related Attack Patterns
Common Consequences
| Scope | Technical Impact | Notes |
|---|
| Access_ControlNon-Repudiation | Hide activitiesGain privileges / assume
identity | Malicious users can fake authentication information, impersonating any
IP address. |
Detection MethodsNone
Potential Mitigations
| Phase | Strategy | Description | Effectiveness | Notes |
|---|
| Architecture and Design | | Use other means of identity verification that cannot be simply
spoofed. Possibilities include a username/password or
certificate. | | |
Relationships
| Related CWE | Type | View | Chain |
|---|
| CWE-291 Requires CWE-471 | Weakness | CWE-1000 | |
Demonstrative Examples (Details)
- Both of these examples check if a request is from a trusted address
before responding to the request. (Demonstrative Example Id DX-99)
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
| Taxynomy | Id | Name | Fit |
|---|
| CLASP | | Trusting self-reported IP address | |
References:None
