VariantIncomplete

CWE-525Use of Web Browser Cache Containing Sensitive Information

Category: data-exposure

Description

The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.

Common consequences· 1

  • Confidentiality — Read Application Data
    Browsers often store information in a client-side cache, which can leave behind sensitive information for other users to find and exploit, such as passwords or credit card numbers. The locations at most risk include public terminals, such as those in libraries and Internet cafes.

Potential mitigations· 4

  • [Architecture and Design]Protect information stored in cache.
  • [Implementation]Use a restrictive caching policy for forms and web pages that potentially contain sensitive information, such as "no-cache" in the Cache-Control header.
  • [Architecture and Design]Do not store unnecessarily sensitive information in the cache.
  • [Architecture and Design]Consider using encryption in the cache.

Related CAPEC attack patterns· 1

CAPEC-37

References

  1. https://cwe.mitre.org/data/definitions/525.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternRetrieve Embedded Sensitive Datacapec-37100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Use of Persistent Cookies Containing Sensitive Information
CWE
Use of Cache Containing Sensitive Information
CWE
Unprotected Transport of Credentials
CWE
Sensitive Cookie Without 'HttpOnly' Flag
CWE
Reliance on Cookies without Validation and Integrity Checking in a Security Decision
CWE
Cross-Site Request Forgery (CSRF)
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.