Insecure functionality - Fingerprint

Description

The application allows unsolicited user data updates.

Impact

Update and consult information related to the user.

Recommendation

Make sure that the fields to be updated are the same as those requested from the user.

Threat

Authenticated attacker on the Internet.

Expected Remediation Time

⌚ 30 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

  • Attack vector: N
  • Attack complexity: L
  • Privileges required: L
  • User interaction: N
  • Scope: U
  • Confidentiality: N
  • Integrity: L
  • Availability: N

Temporal

  • Exploit code maturity: P
  • Remediation level: W
  • Report confidence: X

Result

  • Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:W/RC:X
  • Score:
    • Base: 4.3
    • Temporal: 4.0
  • Severity:
    • Base: Medium
    • Temporal: Medium

Code Examples

Compliant code

The application confirms on the server side which field the user is trying to update.

const updateInfo = (req, res) => {
  // Only proceed for a known user presenting the expected token
  if (isValidUser(req.body.user)) {
    if (validateToken === req.body.token) {
      const fieldToUpdate = req.body.field;
      const updatedField = req.body.infoChange;
      // Change the correct user field (Code to validate/clean input data must also be included)
      updateUser(fieldToUpdate, updatedField);
    }
  }
};

Non compliant code

The application does not perform server-side validation to confirm the field the user is trying to change.

const updateInfo = (req, res) => {
  if (isValidUser(req.body.user)) {
    if (validateToken === req.body.token) {
      const updatedField = req.body.infoChange;
      // No server-side check of which field the user is trying to change
      updateUser("password", updatedField);
    }
  }
};
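
One way to apply the recommendation above, as an added example that is not part of the original page: the server records which fields it requested from the user and rejects a submission that carries any other field. The names issueUpdateForm, applyUpdate and UPDATABLE_FIELDS, the in-memory stores and the sample user record are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Assumed policy: the only fields this endpoint may ever change.
const UPDATABLE_FIELDS = new Set(["email", "phone", "displayName"]);

// token -> { userId, fields }: what the server asked this user to fill in.
const pendingForms = new Map();

// Constructed sample user store.
const users = new Map([
  ["u1", { email: "a@example.com", phone: "555-0100", role: "user" }],
]);

// Called when the server renders an update form for specific fields.
function issueUpdateForm(userId, fields) {
  for (const f of fields) {
    if (!UPDATABLE_FIELDS.has(f)) throw new Error(`field not updatable: ${f}`);
  }
  const token = crypto.randomBytes(16).toString("hex");
  pendingForms.set(token, { userId, fields: new Set(fields) });
  return token;
}

// Called when the form is submitted; changes is the parsed request body.
function applyUpdate(userId, token, changes) {
  const form = pendingForms.get(token);
  if (!form || form.userId !== userId) return { ok: false, reason: "invalid token" };
  pendingForms.delete(token); // single use, so a captured token cannot be replayed

  const user = users.get(userId);
  if (!user) return { ok: false, reason: "unknown user" };

  // Reject the whole request if it names a field the server did not ask for.
  const submitted = Object.keys(changes);
  const unsolicited = submitted.filter((f) => !form.fields.has(f));
  if (unsolicited.length > 0) {
    return { ok: false, reason: "unsolicited fields", fields: unsolicited };
  }
  // Minimal value check; real per-field validation belongs here.
  for (const f of submitted) {
    if (typeof changes[f] !== "string" || changes[f].length === 0 || changes[f].length > 254) {
      return { ok: false, reason: "invalid value", fields: [f] };
    }
  }
  for (const f of submitted) user[f] = changes[f];
  return { ok: true, updated: submitted };
}
```

Rejecting the whole request, rather than silently dropping the extra fields, leaves a clear signal in the application log that a client sent data the form never asked for.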

Requirements