CWE-784
Reliance on Cookies without Validation and Integrity Checking in a Security Decision
AI Translation Available
The product uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user.
Status
draft
Abstraction
variant
Likelihood
high
Affected Platforms
Web Based
Web Server
Extended Description
AI Translation
Attackers can easily modify cookies, within the browser or by implementing the client-side code outside of the browser. Attackers can bypass protection mechanisms such as authorization and authentication by modifying the cookie to contain an expected value.
Technical Details
AI Translation
Common Consequences
access control
Impacts
bypass protection mechanism
gain privileges or assume identity
Potential Mitigations
Phases:
architecture and design
implementation
Descriptions:
•
Perform thorough input validation (i.e.: server side validation) on the cookie data if you're going to use it for a security related decision.
•
Avoid using cookie data for a security-related decision.
•
Add integrity checks to detect tampering.
•
Protect critical cookies from replay attacks, since cross-site scripting or other attacks may allow attackers to steal a strongly-encrypted cookie that also passes integrity checks. This mitigation applies to cookies that should only be valid during a single transaction or session. By enforcing timeouts, you may limit the scope of an attack. As part of your integrity check, use an unpredictable, server-side value that is not exposed to the client.