Variant · Draft

CWE-293: Using Referer Field for Authentication

Category: auth

Description

The Referer field in an HTTP request is set by the client and can be easily modified; as such, it is not a valid means of authenticating the sender or checking message integrity.

Common consequences (1)

  • Access Control — Gain Privileges or Assume Identity
Actions that would otherwise not be authorized can be carried out as if they had been validated by the referring server.

Potential mitigations (1)

  • [Architecture and Design] In order to usefully check whether a given action is authorized, some means of strong authentication and method protection must be used. Use other means of authorization that cannot be simply spoofed, such as a username/password or a client certificate.
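The following is an added illustration, not part of the CWE entry or MITRE's text. It places the weak pattern this entry describes (an authorization decision made solely on the Referer header) beside the mitigation it recommends (authorization from server-side state the client cannot forge: a session cookie plus a per-session CSRF token). The trusted origin, the user name, the in-memory session store and the sample requests are all constructed for the example.

```python
import hmac
import secrets
from typing import Optional

# Hypothetical trusted origin for this example.
TRUSTED_ORIGIN = "https://app.example"


def referer_authorizes(headers: dict) -> bool:
    """CWE-293 pattern: authorization decided solely by the Referer header.

    The header is supplied by the client, so any client can present a value
    that satisfies this check; the server learns nothing about who sent it.
    """
    return headers.get("Referer", "").startswith(TRUSTED_ORIGIN)


class SessionStore:
    """Minimal in-memory session store standing in for a real backend."""

    def __init__(self) -> None:
        self._sessions: dict = {}

    def create(self, user: str) -> tuple:
        # Unguessable session id and a per-session CSRF token.
        sid = secrets.token_urlsafe(32)
        csrf = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "csrf": csrf}
        return sid, csrf

    def lookup(self, sid: str) -> Optional[dict]:
        return self._sessions.get(sid)


def cookie_value(cookie_header: str, name: str) -> Optional[str]:
    """Extract one cookie from a Cookie header of the form "a=1; b=2"."""
    for part in cookie_header.split(";"):
        key, _, value = part.strip().partition("=")
        if key == name:
            return value
    return None


def session_authorizes(headers: dict, form: dict, store: SessionStore) -> Optional[str]:
    """Mitigation: authorize from server-side state the client cannot forge.

    Returns the authenticated user name, or None. The Referer header is not
    consulted at all.
    """
    sid = cookie_value(headers.get("Cookie", ""), "sid")
    session = store.lookup(sid) if sid else None
    if session is None:
        return None
    # Constant-time comparison of the submitted CSRF token.
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token, session["csrf"]):
        return None
    return session["user"]


def demo() -> dict:
    """Run both checks against a request carrying only a plausible Referer and
    against a request carrying a real session; return the outcomes."""
    store = SessionStore()
    sid, csrf = store.create("alice")

    # Constructed request: no session, only a Referer naming the trusted origin.
    referer_only = {"Referer": TRUSTED_ORIGIN + "/account", "Cookie": ""}
    # Constructed request: valid session cookie and matching CSRF token, no Referer.
    legit_headers = {"Cookie": f"sid={sid}"}
    legit_form = {"csrf_token": csrf}

    return {
        "referer_check_passes_without_session": referer_authorizes(referer_only),
        "session_check_rejects_referer_only": session_authorizes(referer_only, {}, store) is None,
        "session_check_accepts_real_session": session_authorizes(legit_headers, legit_form, store) == "alice",
        "session_check_rejects_wrong_token": session_authorizes(legit_headers, {"csrf_token": "x"}, store) is None,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The first result shows why the entry lists this as an access-control weakness: a request with no session at all satisfies the Referer check. The hardened path ignores Referer entirely and ties the decision to a session the server issued and a token bound to that session; in a real deployment the session store would be a database or cache and the cookie would carry the Secure, HttpOnly and SameSite attributes.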

References

  1. https://cwe.mitre.org/data/definitions/293.html

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Server-Side Request Forgery (SSRF)
  • CWE: Cross-Site Request Forgery (CSRF)
  • CWE: Use of HTTP Request With Sensitive Query String
  • CWE: URL Redirection to Untrusted Site ('Open Redirect')
  • CWE: Authentication Bypass by Spoofing
  • CWE: Session Fixation

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.