CWE
Home > CWE List > CWE-302 Individual Dictionary Definition (Draft 9)   View the CWE List

CWE-302 Individual Dictionary Definition (Draft 9)

Authentication Bypass by Assumed-Immutable Data
Weakness ID
Status: Incomplete

302 (Weakness Variant)

Description

Summary

The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker, e.g. if a web application relies on a cookie "Authenticated=1"

Observed Examples
ReferenceDescription
CVE-2002-0367DebPloit
CVE-2004-0261Web auth
CVE-2002-1730Authentication bypass by setting certain cookies to "true".
CVE-2002-1734Authentication bypass by setting certain cookies to "true".
CVE-2002-2064Admin access by setting a cookie.
CVE-2002-2054Gain privileges by setting cookie.
CVE-2004-1611Product trusts authentication information in cookie.
CVE-2005-1708Authentication bypass by setting admin-testing variable to true.
CVE-2005-1787Bypass auth and gain privileges by setting a variable.
Relationships
NatureTypeIDName
ChildOfWeakness ClassWeakness ClassWeakness Class592Authentication Bypass Issues
Source Taxonomies

PLOVER - Authentication Bypass via Assumed-Immutable Data

Applicable Platforms

All

Related Attack Patterns
CAPEC-IDAttack Pattern Name
45Buffer Overflow via Symbolic Links
10Buffer Overflow via Environment Variables
21Exploitation of Session Variables, Resource IDs and other Trusted Credentials
39Manipulating Opaque Client-based Data Tokens
31Accessing/Intercepting/Modifying HTTP Cookies
13Subverting Environment Variable Values
77Manipulating User-Controlled Variables
Page Last Updated: April 22, 2008