[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

147852

 
 

909

 
 

118110

 
 

156

Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Reliance on Cookies without Validation and Integrity Checking

ID: 565Date: (C)2012-05-14   (M)2020-02-26
Type: weaknessStatus: INCOMPLETE
Abstraction Type: Base





Description

The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

Extended Description

Attackers can easily modify cookies, within the browser or by implementing the client-side code outside of the browser. Reliance on cookies without detailed validation and integrity checking can allow attackers to bypass authentication, conduct injection attacks such as SQL injection and cross-site scripting, or otherwise modify inputs in unexpected ways.

Applicable Platforms
None

Time Of Introduction

  • Architecture and Design
  • Implementation

Related Attack Patterns

Common Consequences

ScopeTechnical ImpactNotes
Access_Control
 
Gain privileges / assume identity
 
It is dangerous to use cookies to set a user's privileges. The cookie can be manipulated to escalate an attacker's privileges to an administrative level.
 

Detection Methods
None

Potential Mitigations

PhaseStrategyDescriptionEffectivenessNotes
Architecture and Design
 
 Avoid using cookie data for a security-related decision.
 
  
Implementation
 
 Perform thorough input validation (i.e.: server side validation) on the cookie data if you're going to use it for a security related decision.
 
  
Architecture and Design
 
 Add integrity checks to detect tampering.
 
  
Architecture and Design
 
 Protect critical cookies from replay attacks, since cross-site scripting or other attacks may allow attackers to steal a strongly-encrypted cookie that also passes integrity checks. This mitigation applies to cookies that should only be valid during a single transaction or session. By enforcing timeouts, you may limit the scope of an attack. As part of your integrity check, use an unpredictable, server-side value that is not exposed to the client.
 
  

Relationships
This problem can be primary to many types of weaknesses in web applications. A developer may perform proper validation against URL parameters while assuming that attackers cannot modify cookies. As a result, the program might skip basic input validation to enable cross-site scripting, SQL injection, price tampering, and other attacks..

Related CWETypeViewChain
CWE-565 ChildOf CWE-898 Category CWE-888  

Demonstrative Examples   (Details)

  1. The following code excerpt reads a value from a browser cookie to determine the role of the user. (Demonstrative Example Id DX-61)

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings
None

References:
None

CVE    11
CVE-2012-5631
CVE-2019-4638
CVE-2017-7279
CVE-2018-20512
...

© SecPod Technologies