Insecure functionality - Fingerprint
Description
The application allows unsolicited user data updates.
Impact
Update and consult information related to the user.
Recommendation
Make sure that the fields to be updated are the same as those requested from the user.
Threat
Authenticated attacker on the Internet.
Expected Remediation Time
⌚ 30 minutes.
Score
Default score using CVSS 3.1. It may change depending on the context of the vulnerability.
Base
- Attack vector: N
- Attack complexity: L
- Privileges required: L
- User interaction: N
- Scope: U
- Confidentiality: N
- Integrity: L
- Availability: N
Temporal
- Exploit code maturity: P
- Remediation level: W
- Report confidence: X
Result
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:W/RC:X
- Score:
  - Base: 4.3
  - Temporal: 4.0
- Severity:
  - Base: Medium
  - Temporal: Medium
Code Examples
Compliant code
The application verifies on the server side which field the user is trying to update.
const updateInfo = (req, res) => {
  if (isValidUser(req.body.user)) {
    if (validateToken === req.body.token) {
      // The field to change is the one named in the request
      const fieldToUpdate = req.body.field;
      const updatedField = req.body.infoChange;
      // Change the correct user field (code to validate/clean input data must also be included)
      updateUser(fieldToUpdate, updatedField);
    }
  }
};
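One way to write the validation that the comment in the compliant code calls for, as an added example that is not part of the original page: a server-side allow-list of the fields the form actually requests. The names `UPDATABLE_FIELDS` and `applyUpdate`, the field names and the sample values are assumptions made for illustration.

```javascript
// Added example; UPDATABLE_FIELDS and applyUpdate are hypothetical names.
// Fields the update form actually solicits, each with its own value check.
const UPDATABLE_FIELDS = {
  displayName: (v) => typeof v === "string" && v.length > 0 && v.length <= 64,
  email: (v) => typeof v === "string" && /^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(v),
};

// Decides whether a request body may change the stored user record.
// Returns { ok, status, user | error } and never mutates storedUser.
function applyUpdate(storedUser, body) {
  const { field, infoChange } = body ?? {};

  // Reject any field the form did not ask for (for example "password").
  // An own-property check keeps inherited keys such as "constructor"
  // or "__proto__" from passing as allowed field names.
  const allowed =
    typeof field === "string" &&
    Object.prototype.hasOwnProperty.call(UPDATABLE_FIELDS, field);
  if (!allowed) {
    return { ok: false, status: 400, error: "field not updatable" };
  }

  // Validate the new value with the rule that belongs to that field.
  if (!UPDATABLE_FIELDS[field](infoChange)) {
    return { ok: false, status: 422, error: "invalid value" };
  }

  // Copy instead of mutating, so a rejected path can never leave a partial change.
  return { ok: true, status: 200, user: { ...storedUser, [field]: infoChange } };
}

// Constructed sample record and requests, for illustration only.
const sampleUser = { id: 7, displayName: "old name", email: "a@example.com", password: "stored-hash" };
const sampleRequests = [
  { field: "displayName", infoChange: "new name" }, // solicited field
  { field: "password", infoChange: "changed" },     // unsolicited field
  { field: "email", infoChange: "not-an-email" },   // solicited, bad value
];
for (const body of sampleRequests) {
  const result = applyUpdate(sampleUser, body);
  console.log(body.field, "->", result.status, result.ok ? "updated" : result.error);
}
```

In a handler such as `updateInfo`, this check would run after the user and token checks and before `updateUser` is called.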
Non compliant code
The application does not perform server-side validation to confirm the field the user is trying to change.
const updateInfo = (req, res) => {
  if (isValidUser(req.body.user)) {
    if (validateToken === req.body.token) {
      const updatedField = req.body.infoChange;
      // The field is fixed to "password" without checking which field the user asked to change
      updateUser("password", updatedField);
    }
  }
};