Deceptive Interactions
Traceability Loss - API Gateway
Description: Some AWS API Gateway instances do not enable the logging feature, discarding information that can be consumed by other AWS services such as CloudWatch to detect possible system anomalies. Impact: Lose traceability of events of interest to ...
Clickjacking
Description: The application can be embedded in malicious iframes, allowing an attacker to hijack the user's clicks to perform actions without the user's consent. Impact: Hijack the user's clicks to execute unintended actions. Recommendation: Set the ...
Insecurely generated token - Lifespan
Description: Session tokens are generated with an expiration time of approximately 5 days. Impact: Leverage a session token to modify user information. Recommendation: Decrease the lifetime of the tokens. Threat: Anonymous attacker from the Internet ...
Insecurely generated token - Validation
Description: The system does not properly validate the token used for user creation. For this reason, it is possible to modify the header that declares the token's algorithm so that the token is accepted without being signed. Impact: Create users within ...
Insecurely generated token - JWT
Description: The token used to consume the user creation service in the application is not generated securely, because the key that signs the token is weak and was easily found, as indicated in the weak credentials finding. For this reason, an ...
Email spoofing
Description: The absence of DMARC records could allow spoofing of the email domain. Impact: Send unauthorized emails from the company's domain, impersonating the company and facilitating phishing attacks. Recommendation: ...
Uncontrolled external site redirect
Description: Redirects made by the application are not controlled and could be manipulated by an attacker. Impact: Redirect users to sites controlled by an attacker. Recommendation: Use predefined parameters rather than information that can be manipulated ...
Phishing
Description: The application's users are susceptible to phishing, a social engineering technique in which attackers present themselves as a legitimate entity that the victim trusts and request confidential information (usually credentials). These ...
Server-side request forgery (SSRF)
Description: It is possible to induce the application's server to make requests to an arbitrary domain.
Impact:
- Obtain usable credentials at the API Connect endpoint.
- Read, write and delete user and system data.
- Browse any path registered in ...
Reverse tabnabbing
Description: The system allows the introduction of a link to an external site controlled by a malicious actor. This site can then redirect the user to a different site in the original tab, making it look like a legitimate redirect performed by the ...
Missing subresource integrity check
Description: The application does not properly check the integrity of resources loaded from third-party servers. Impact: Embed compromised resources from a third-party server. Recommendation: Add the integrity attribute to HTML script tags. Threat: ...
mDNS spoofing
Description: The configuration of the mDNS services allows an attacker to spoof IP addresses, effectively hijacking them or causing a denial of service. Alternatively, due to a lack of certain security measures, it is possible to intercept requests to ...
Insecurely generated token
Description: It is possible to crack the token's hash and obtain the information it is masking, because the token is not generated using a secure cryptographic mechanism. Impact: Reuse session tokens 14 days after they were created. Recommendation: Generate a token with ...
Spoofing
Description: It is possible to perform actions in the application and make them appear to have been performed by the system or by another user. Examples include sending messages that appear to come from the system and modifying data in the name of other ...
Uncontrolled external site redirect - Host Header Injection
Description: The server processes requests with an attacker-controlled Host header and redirects clients to any destination.
Impact:
- Enumerate the internal network via trial and error.
- Perform a subset of Server-Side Request Forgery attacks.
Recommendation: ...