CWE - CWE-767: Access to Critical Private Variable via Public Method (1.6)

Home > CWE List > CWE- Individual Dictionary Definition (1.6)

CWE List
Full Dictionary View
Development View
Research View
Reports

About
Sources
Process
Documents

Community
Related Activities
Discussion List
Research
CWE/SANS Top 25
CWSS

News
Calendar
Free Newsletter

Compatibility
Program
Requirements
Declarations
Make a Declaration

Contact Us
Search the Site

CWE-767: Access to Critical Private Variable via Public Method

Access to Critical Private Variable via Public Method

Weakness ID: 767 (Weakness Variant)

Status: Incomplete

Description

Description Summary

The software defines a public method that reads or modifies a private variable.

Extended Description

If an attacker modifies the variable to contain unexpected values, this could violate assumptions from other parts of the code. Additionally, if an attacker can read the private variable, it may expose sensitive information or make it easier to launch further attacks.

Time of Introduction

Architecture and Design
Implementation

Applicable Platforms

Languages

C++

Java

Likelihood of Exploit

Low to Medium

Demonstrative Examples

Example 1

The following example declares a critical variable to be private, and then allows the variable to be modified by public methods.

(Bad Code)

C++

private: float price;

public: void changePrice(float newPrice) {

price = newPrice;

}

Example 2

The following example could be used to implement a user forum where a single user (UID) can switch between multiple profiles (PID).

(Bad Code)

Java

public class Client {

private int UID;

public int PID;

private String userName;

public Client(String userName){

PID = getDefaultProfileID();

UID = mapUserNametoUID( userName );

this.userName = userName;

}

public void setPID(int ID) {

UID = ID;

}

The programmer implemented setPID with the intention of modifying the PID variable, but due to a typo. accidentally specified the critical variable UID instead. If the program allows profile IDs to be between 1 and 10, but a UID of 1 means the user is treated as an admin, then a user could gain administrative privileges as a result of this typo.

Potential Mitigations

Phase	Description
Implementation	Use class accessor and mutator methods appropriately. Perform validation when accepting data from a public method that is intended to modify a critical private variable. Also be sure that appropriate access controls are being applied when a public method interfaces with critical data.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
ChildOf	Weakness Class	485	Insufficient Encapsulation	Development Concepts (primary)699 Research Concepts1000
ChildOf	Weakness Class	668	Exposure of Resource to Wrong Sphere	Research Concepts (primary)1000

Taxonomy Mappings

Mapped Taxonomy Name	Node ID	Fit	Mapped Node Name
CLASP			Failure to protect stored data from modification

Maintenance Notes

This entry is closely associated with access control for public methods. If the public methods are restricted with proper access controls, then the information in the private variable will not be exposed to unexpected parties. There may be chaining or composite relationships between improper access controls and this weakness.

Content History

Submissions
Submission Date	Submitter	Organization	Source
2009-03-03			Internal CWE Team
2009-03-03

Page Last Updated: October 29, 2009


	CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Copyright 2009, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us