CWE-942: Permissive Cross-domain Security Policy with Untrusted Domains
The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.
Status: incomplete
Abstraction: variant
Affected Platforms: Web Based, Web Server
Extended Description
If a cross-domain policy file includes domains that should not be trusted, such as when a wildcard is used under a high-level domain so that every host beneath it is trusted, then the application can be attacked from those untrusted domains. In many cases the attack can be launched without the victim even being aware of it.
Common Consequences
Scopes: confidentiality, integrity, availability, access control
Impacts: execute unauthorized code or commands; bypass protection mechanism; read application data; varies by context
Detection Methods
Automated static analysis
Potential Mitigations
Phases: architecture and design; operation
Descriptions:
• Define a restrictive Content Security Policy [REF-1486] or cross-domain policy file.
• For Flash, modify crossdomain.xml to use meta-policy options such as 'master-only' or 'none' to reduce the possibility of an attacker planting extraneous cross-domain policy files on a server.
• Avoid using wildcards in the CSP / cross-domain policy file. Any domain matching the wildcard expression will be implicitly trusted, and can perform two-way interaction with the target server.
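The following Python script is an added example, not part of the CWE entry or of any MITRE tooling. It implements the three mitigations above as a static check: it parses a Flash crossdomain.xml file and a Content-Security-Policy header value, and flags a meta-policy other than 'master-only' or 'none' and any wildcard domain or source. The two crossdomain.xml documents and the two CSP header values are constructed samples, one permissive and one hardened, so the checker can run offline; the element and attribute names used for crossdomain.xml (site-control, permitted-cross-domain-policies, allow-access-from, allow-http-request-headers-from) are the standard Flash policy-file vocabulary.

```python
"""Static check for permissive cross-domain policies (added example, not the CWE entry's own code)."""
import xml.etree.ElementTree as ET
from typing import List

# Constructed sample: trusts every host under a high-level domain, then every
# host anywhere, and lets any site send arbitrary headers; meta-policy 'all'
# also lets extra policy files elsewhere on the server be honoured.
PERMISSIVE_CROSSDOMAIN = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*.example.com"/>
  <allow-access-from domain="*"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>"""

# Constructed sample: the hardened equivalent, explicit host and 'master-only'.
HARDENED_CROSSDOMAIN = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="app.example.com"/>
</cross-domain-policy>"""

# Constructed sample CSP header values (the header *value*, not the full header line).
PERMISSIVE_CSP = ("default-src 'self' *; "
                  "script-src 'self' https://*.example.com https:; "
                  "connect-src *")
HARDENED_CSP = ("default-src 'self'; "
                "script-src 'self' https://cdn.example.com; "
                "connect-src https://api.example.com")


def audit_crossdomain(xml_text: str) -> List[str]:
    """Return one finding per permissive setting in a crossdomain.xml document."""
    findings: List[str] = []
    root = ET.fromstring(xml_text)
    site_control = root.find("site-control")
    meta = (site_control.get("permitted-cross-domain-policies")
            if site_control is not None else None)
    # Mitigation 2: only 'master-only' or 'none' stop planted policy files.
    if meta not in ("master-only", "none"):
        findings.append(f"meta-policy is {meta!r}; use 'master-only' or 'none'")
    # Mitigation 3: any wildcard in a domain attribute trusts every match.
    for tag in ("allow-access-from", "allow-http-request-headers-from"):
        for element in root.findall(tag):
            domain = element.get("domain", "")
            if "*" in domain:
                findings.append(f"{tag} trusts wildcard domain {domain!r}")
    return findings


def audit_csp(header_value: str) -> List[str]:
    """Return one finding per wildcard source in a CSP header value.

    A bare '*' or a '*.' host trusts every matching origin; a bare scheme such
    as 'https:' trusts every host reachable over that scheme, which is the same
    over-broad trust the wildcard case describes.
    """
    findings: List[str] = []
    for directive in header_value.split(";"):
        parts = directive.split()
        if not parts:
            continue
        name, sources = parts[0], parts[1:]
        for src in sources:
            is_bare_scheme = src.endswith(":") and src.count(":") == 1
            if "*" in src or is_bare_scheme:
                findings.append(f"{name} allows wildcard source {src!r}")
    return findings


if __name__ == "__main__":
    for label, doc in (("permissive", PERMISSIVE_CROSSDOMAIN),
                       ("hardened", HARDENED_CROSSDOMAIN)):
        print(f"crossdomain.xml ({label}):", audit_crossdomain(doc) or "no findings")
    for label, csp in (("permissive", PERMISSIVE_CSP), ("hardened", HARDENED_CSP)):
        print(f"CSP ({label}):", audit_csp(csp) or "no findings")
```

Run it as a script to see the permissive samples produce four findings each and the hardened samples none; the two audit functions can also be pointed at a real policy file or response header pulled from a deployment. The CSP check deliberately ignores keywords such as 'unsafe-inline', which are a separate weakness from trusting untrusted domains.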