Unsecured HTTP cookies

OWASP 2013-A5 OWASP 2017-A6 PCI v3.2- CWE-614 WSTG-SESS-02 WASC-13

Cookies are used to manage state, handle logins, or simply to track you for advertising purposes, and they should be kept safe. The process involved in setting a cookie is:-

  1. The server asks the user’s browser to set a cookie.
  2. It gives a name, value and other parameters.
  3. The browser stores the data on disk or in memory, depending on the cookie type: a persistent cookie (one with an Expires or Max-Age attribute) is written to disk, while a session cookie lives only in memory until the browser is closed.

Every subsequent request to the website sends the matching cookies along with it. The major weaknesses of cookies are:-

  • Cookies are not protocol-specific. A cookie is scoped by host (and path), not by scheme, so a cookie set on the HTTPS version of a website is also sent to the HTTP version of the same host unless it carries the Secure attribute.
  • Cookies can be read by JavaScript in the browser (through document.cookie) unless they carry the HttpOnly attribute. So if an attacker manages to run JavaScript on your website, for example through a cross-site scripting (XSS) flaw, that script can read your cookies and send them to the attacker.

The cookies set by this server are missing the Secure flag. Any HTTP link to the same server, or any plain-HTTP request to it that an attacker can provoke, will therefore cause the browser to send the cookies in clear text, where anyone on the network path can read them. Because the cookies may contain session identifiers or other sensitive information, this is a high-risk issue.

Impact

The impact of this vulnerability includes:-

  • Disclosure of session tokens and any other sensitive data stored in cookies to an attacker who can observe the network traffic (for example on shared Wi-Fi), which enables session hijacking and can lead to a large-scale data breach
  • Possible manipulation of the application's sensitive information by an attacker who replays or tampers with the captured cookies

Mitigation / Precaution

Beagle recommends the following fixes:-

  • Set the Secure flag on every cookie, so that the browser only sends it over an encrypted channel (HTTPS) and never over plain HTTP.
  • As complementary measures, set HttpOnly so the cookie cannot be read from JavaScript, and enable HTTP Strict Transport Security (HSTS) so the browser never makes the plain-HTTP request to the server in the first place.
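The following is an added example, not Beagle's own code or part of the original page, that puts the weaknesses described above and the recommended fix into practice: it audits Set-Cookie header values for the Secure flag (and the companion HttpOnly and SameSite attributes), and it builds a hardened Set-Cookie value. It uses only the Python standard library (http.cookies, which exposes SameSite on Python 3.8 and later). The sample header values are constructed for the example and were not captured from any real server.

```python
from http.cookies import SimpleCookie


def audit_set_cookie(header_value):
    """Parse one Set-Cookie header value and return, per cookie name, the list
    of missing protections, spelled as the attributes would appear in the header."""
    jar = SimpleCookie()
    jar.load(header_value)  # parses attributes such as Secure / HttpOnly / SameSite=...
    findings = {}
    for name, morsel in jar.items():
        missing = []
        if not morsel["secure"]:        # the flag this finding is about
            missing.append("Secure")
        if not morsel["httponly"]:      # without it document.cookie can read the value
            missing.append("HttpOnly")
        if not morsel["samesite"]:      # Morsel key available on Python 3.8+
            missing.append("SameSite")
        findings[name] = missing
    return findings


def audit_response_headers(set_cookie_values):
    """Audit every Set-Cookie value of one response.
    Returns {cookie_name: [missing attributes]} for cookies with at least one gap."""
    report = {}
    for value in set_cookie_values:
        for name, missing in audit_set_cookie(value).items():
            if missing:
                report[name] = missing
    return report


def build_set_cookie(name, value, path="/", samesite="Lax"):
    """Produce a hardened Set-Cookie value: Secure, HttpOnly and SameSite are set,
    so the browser sends the cookie only over HTTPS and hides it from scripts."""
    jar = SimpleCookie()
    jar[name] = value
    morsel = jar[name]
    morsel["path"] = path
    morsel["secure"] = True
    morsel["httponly"] = True
    morsel["samesite"] = samesite
    return morsel.OutputString()


# Constructed sample Set-Cookie values (assumed, not taken from a real response):
SAMPLE_SET_COOKIE_HEADERS = [
    "sessionid=3f9a1c2b; Path=/",                                  # the finding: no flags
    "prefs=dark; Path=/; Secure",                                   # Secure, but script-readable
    "csrftoken=7e2d; Path=/; Secure; HttpOnly; SameSite=Strict",    # fully protected
]


if __name__ == "__main__":
    for name, missing in audit_response_headers(SAMPLE_SET_COOKIE_HEADERS).items():
        print(f"{name}: missing {', '.join(missing)}")
    print("hardened header:", build_set_cookie("sessionid", "3f9a1c2b"))
```

Run the module directly to see the audit of the constructed headers, or feed audit_response_headers the list of Set-Cookie values from a real response (for example `response.headers.get_all("Set-Cookie")` from http.client) to check your own server. Note that SimpleCookie silently drops a header it cannot parse, so an empty result for a header you expected to see is worth a manual look.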
