Table 5.2 Threat Modeling for Threat Profiles: Attacker Can Use the User Accounts of Legitimate Users of the Application

| Detailed Threat Scenario | Possible Vulnerabilities | Impact of the Exploit |
|---|---|---|
| Cross-site scripting attack: The malicious user may find a cross-site scripting vulnerability in the application because of weak/lax input validation and may send phishing emails to legitimate users of the application, upon the clicking of which the session information of the legitimate user is exposed to the attacker, and the attacker can use this information to perpetrate session hijacking attacks on users in the system. | Lack of a proper input validation scheme for inputs at the server level; lack of output encoding | Medium—The attacker may be able to steal the sessions of some users in the system and gain access to their user profiles, passwords, and transaction history and perform actions on their behalf |
| SQL injection: The attacker may craft SQL queries using the input of the application and gain access to the user database containing usernames and passwords, from where all user accounts are exposed to the attacker. | Lack of an input validation scheme at the server level; lack of parameterized SQL requests to the database | High—The attacker can compromise the entire database by gaining access to it. Not only is sensitive data exposed to the attacker, but the database is also available to the attacker. This leads to a complete compromise of the database |
| Session tampering: The attacker may be able to guess session IDs for different users and gain access to the user accounts of different users through session hijacking. | Lack of strong random session identifiers | Medium—The attacker may be able to guess the session IDs of the users and gain access to the user sessions of various other logged-in users. Some of the users will be affected by this attack |
| Cross-site request forgery: The attacker may force the logged-on user to execute requests without the user's knowledge, thereby performing actions as the user illegally. | Lack of random request tokens with each request; lack of input validation, thereby allowing cross-site scripting | Medium—The attacker may be able to execute requests on behalf of some users in the system. Some of the users will be affected by this attack |
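The SQL injection row of the table names two missing controls: server-side input validation and parameterized SQL requests. The following is an added example, not code from the book, that contrasts a lookup built by string concatenation with the same lookup using a bound parameter, plus an allow-list validator for the username field. It uses an in-memory SQLite database with constructed sample rows (`alice`, `bob`); the function and table names are the example's own assumptions.

```python
import re
import sqlite3

# Allow-list validation for the username field (server-side check from the
# table's "Possible Vulnerabilities" column). Assumption: usernames are
# 3-32 characters of letters, digits, dot, underscore or hyphen.
USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{3,32}$")


def is_valid_username(value):
    """Reject anything outside the allow-list before it reaches the database."""
    return isinstance(value, str) and USERNAME_RE.match(value) is not None


def make_db():
    """Constructed sample data: an in-memory users table (not from the book)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b")],
    )
    return conn


def find_user_vulnerable(conn, username):
    # The untrusted value is spliced into the SQL text, so the input can
    # change the structure of the query, which is the SQL injection scenario
    # in the table.
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_safe(conn, username):
    # Mitigation named in the table: a parameterized request. The value is
    # passed to the driver separately from the SQL text, so it is only ever
    # treated as data, never as part of the query.
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def demo():
    """Run both lookups against a normal name and a structure-changing input."""
    conn = make_db()
    # Constructed input whose quotes would alter the concatenated query.
    crafted = "' OR '1'='1"
    return {
        "valid_alice": is_valid_username("alice"),
        "valid_crafted": is_valid_username(crafted),
        "vulnerable_alice": find_user_vulnerable(conn, "alice"),
        "vulnerable_crafted": find_user_vulnerable(conn, crafted),
        "safe_alice": find_user_safe(conn, "alice"),
        "safe_crafted": find_user_safe(conn, crafted),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two controls are layered on purpose: the allow-list rejects the crafted value before any query runs, and the parameterized query keeps the lookup correct even for a field whose allow-list cannot be that strict (a free-text search box, say). The concatenated version returns every row for the crafted input; the parameterized version returns none, because no user is literally named `' OR '1'='1`.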
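The remaining three rows share two controls: output encoding (cross-site scripting) and unguessable random values (strong session identifiers for session tampering, per-request tokens for cross-site request forgery). This added example, not code from the book, shows each: HTML-escaping a user-supplied display name before it is placed in markup, generating session identifiers and CSRF tokens from the operating system's CSPRNG, and validating a submitted token with a constant-time comparison. The session is modelled as a plain dictionary, and all names are the example's own assumptions.

```python
import hmac
import html
import secrets

# Number of random bytes per identifier. 32 bytes gives 256 bits of entropy,
# far beyond what an attacker could enumerate by guessing (the session
# tampering row of the table). This value is the example's own choice.
TOKEN_BYTES = 32


def render_greeting(display_name):
    """Output encoding: escape the untrusted value before it enters HTML."""
    # html.escape with quote=True also encodes " and ', so the value is safe
    # inside attribute values as well as element text.
    return "<p>Welcome, " + html.escape(display_name, quote=True) + "</p>"


def weak_session_id(counter):
    """Illustrates the weakness in the table: a sequential, guessable ID."""
    return str(counter)


def new_session_id():
    """Strong random session identifier from the OS CSPRNG, URL-safe encoded."""
    return secrets.token_urlsafe(TOKEN_BYTES)


def issue_csrf_token(session):
    """Store a fresh random request token in the session and return it.

    The token is embedded in the form; a request forged from another origin
    cannot read it, so it cannot be reproduced by the attacker.
    """
    token = secrets.token_urlsafe(TOKEN_BYTES)
    session["csrf_token"] = token
    return token


def check_csrf_token(session, submitted):
    """Accept the request only if the submitted token matches the session's."""
    expected = session.get("csrf_token")
    if expected is None or submitted is None:
        return False
    # Constant-time comparison: timing differences must not leak how many
    # leading characters of the submitted value were correct.
    return hmac.compare_digest(expected, submitted)


def demo():
    """Exercise the controls on constructed inputs."""
    session = {}
    token = issue_csrf_token(session)
    ids = {new_session_id() for _ in range(100)}
    return {
        "escaped": render_greeting('<img src=x onerror="x">'),
        "weak_ids": [weak_session_id(n) for n in (1, 2, 3)],
        "distinct_ids": len(ids),
        "token_accepted": check_csrf_token(session, token),
        "wrong_token": check_csrf_token(session, "not-the-token"),
        "missing_session_token": check_csrf_token({}, token),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Note that `check_csrf_token` returns `False` both when the session has no token and when the submitted one is absent, rather than raising, so a missing token is handled as a rejected request and not as a server error. The session identifier and the CSRF token are generated the same way but kept separate: reusing the session ID as the request token would expose it in every form body.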