Security Flashcards

1
Q

What is an Insecure Direct Object Reference (IDOR)?

A

IDORs occur when an application provides direct access to objects based on user-supplied input.

2
Q

Why are IDORs problematic?

A

As a result of this vulnerability, attackers can bypass authorization and access resources in the system directly by intercepting a POST request.

3
Q

What is poor data validation?

A

Poor data validation occurs when an application does not validate submitted data correctly or sufficiently.

4
Q

How to fix poor data validation?

A

When data is submitted to a web application, the application should ensure that the data is strongly typed, has correct syntax, is within length boundaries, contains only permitted characters and is within range boundaries. The data validation process should ideally be performed on the client side and again on the server side.

5
Q

What is a security misconfiguration?

A

A security misconfiguration is any configuration in any part of the app (database server, third-party libraries, custom code settings, etc.) which can be exploited by an attacker to perform an action they should not be able to. The impact of these issues varies depending on which configuration is being exploited.

6
Q

Can you give examples of security misconfiguration?

A
  • Attackers can exploit security misconfiguration by logging in with default login credentials to the application, the operating system or any of the public services it is running (such as database or Samba services) to gain unauthorized access to or knowledge of the system.
  • Attackers can also exploit bad security configurations through unpatched flaws and unprotected files and directories to gain unauthorized access to or knowledge of the system.
7
Q

How to fix security misconfigurations?

A
  • Automated scanners are useful for detecting missing patches, misconfigurations, use of default accounts or unnecessary services.
  • A process should be implemented for keeping all software up to date, with patches occurring in a timely manner to each deployed environment.
8
Q

Where are broken authentication and session management flaws commonly found?

A

In functionalities such as logout, password management, secret question and account update.

9
Q

What are 5 scenarios vulnerable to broken authentication and session management flaws?

A
  1. User credentials are stored with insufficient cryptographic protection.
  2. User credentials can be guessed or changed through poor account management.
  3. Session identifiers are exposed in the URL.
  4. The application does not use sufficient transport protection (such as HTTPS or SFTP).
  5. Session parameters can be manually changed by the user through application functionality.
10
Q

What is a failure to restrict URL access?

A

This occurs when an application merely hides functionality from basic users. In an application that fails to restrict URL access, administration links are only put onto the page if the user is an administrator. If users discover a page's address, they can still access it directly by URL.

11
Q

How to fix a failure to restrict URL access?

A

Preventing unauthorized URL access requires selecting an approach for requiring proper authentication and proper authorization for each page. The easier the authentication check is to include in a page, the more likely it is that all pages will be covered by the policy.
