Unsecured HTTP cookies
OWASP 2013-A5, OWASP 2017-A6, OWASP 2021-A5, OWASP 2019-API7, PCI v3.2-6.5.10, CWE-311, WASC-13, WSTG-SESS-02
Cookies are used to manage state, handle logins, or simply to track users for advertising purposes, so they should be kept safe. Setting a cookie works as follows:
- The server asks the user’s browser to set a cookie.
- It gives a name, value and other parameters.
- The browser stores the data on disk or in memory, depending on the cookie type.
Every subsequent request to the website sends those cookies along with it. The main weakness of cookies is:
- Cookies are not protocol-specific. Unless the Secure flag is set, a cookie set by the HTTPS version of a website is also sent to the HTTP version of the same site.
Cookies set by this server lack the Secure flag. As a result, any HTTP link to the same server causes the cookie to be sent in clear text. Since the cookie may contain sensitive information (for example a session identifier), this creates a high risk.
The impact of this vulnerability includes:
- Large-scale data breach through cookie contents exposed on the network
- Possible manipulation of the application's sensitive information
Mitigation / Precaution
Beagle recommends the following fix:
- Set the Secure flag on every cookie, so the browser only sends it over an encrypted channel (HTTPS) and never over plain HTTP.
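The following is an added example, not part of Beagle's advisory or any product code: it parses Set-Cookie headers, reports the cookies that would be sent over plain HTTP because the Secure flag is missing, and shows how the corrected header looks. The sample headers are constructed for illustration.

```python
# Added example: audit Set-Cookie headers for the Secure flag.
# The sample headers below are constructed, not taken from a real server.
from typing import Dict, List


def parse_set_cookie(header: str) -> Dict[str, object]:
    """Split one Set-Cookie header into cookie name, value and an attribute map.

    Attribute names are lower-cased; flag attributes without a value
    (Secure, HttpOnly) are stored as True.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs: Dict[str, object] = {}
    for attr in parts[1:]:
        if not attr:
            continue
        key, _, val = attr.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def missing_secure(headers: List[str]) -> List[str]:
    """Return the names of cookies that are set without the Secure attribute."""
    return [c["name"] for c in map(parse_set_cookie, headers)
            if "secure" not in c["attrs"]]


def add_secure(header: str) -> str:
    """Return the header with '; Secure' appended when the flag is absent.

    Existing attributes are left untouched, so the fix only changes the
    transport the browser is allowed to send the cookie over.
    """
    if "secure" in parse_set_cookie(header)["attrs"]:
        return header
    return header.rstrip().rstrip(";") + "; Secure"


# Constructed sample: one weak session cookie, one hardened preference cookie,
# and a tracking cookie that is also sent in clear text over HTTP.
SAMPLE_HEADERS = [
    "sessionid=abc123; Path=/; HttpOnly",
    "prefs=dark; Path=/; Secure",
    "tracking=xyz; Domain=example.com",
]

if __name__ == "__main__":
    for name in missing_secure(SAMPLE_HEADERS):
        print(f"cookie '{name}' lacks Secure and will be sent over plain HTTP")
    for h in SAMPLE_HEADERS:
        print("hardened:", add_secure(h))
```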