CWE-940 Detail

CWE-940

Name

Improper Verification of Source of a Communication Channel

Status

Incomplete

Published

2014-02-19
00h00 +00:00

Modified

2024-11-19
00h00 +00:00

Official links

CWE Mitre.org

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Notifications manage

List of Notifications

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Name: Improper Verification of Source of a Communication Channel

The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.

CWE Description

When an attacker can successfully establish a communication channel from an untrusted origin, the attacker may be able to gain privileges and access unexpected functionality.

General Informations

Modes Of Introduction

Architecture and Design
Implementation : REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Technologies

Class: Mobile (Undetermined)

Common Consequences

Scope	Impact	Likelihood
Access Control Other	Gain Privileges or Assume Identity, Varies by Context Note: An attacker can access any functionality that is inadvertently accessible to the source.

Observed Examples

References	Description
CVE-2000-1218	DNS server can accept DNS updates from hosts that it did not query, leading to cache poisoning
CVE-2005-0877	DNS server can accept DNS updates from hosts that it did not query, leading to cache poisoning
CVE-2001-1452	DNS server caches glue records received from non-delegated name servers

Potential Mitigations

Phases : Architecture and Design

Use a mechanism that can validate the identity of the source, such as a certificate, and validate the integrity of data to ensure that it cannot be modified in transit using an Adversary-in-the-Middle (AITM) attack.

When designing functionality of actions in the URL scheme, consider whether the action should be accessible to all mobile applications, or if an allowlist of applications to interface with is appropriate.

Vulnerability Mapping Notes

Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Related Attack Patterns

CAPEC-ID	Attack Pattern Name
CAPEC-500	WebView Injection An adversary, through a previously installed malicious application, injects code into the context of a web page displayed by a WebView component. Through the injected code, an adversary is able to manipulate the DOM tree and cookies of the page, expose sensitive information, and can launch attacks against the web application from within the web page.
CAPEC-594	Traffic Injection An adversary injects traffic into the target's network connection. The adversary is therefore able to degrade or disrupt the connection, and potentially modify the content. This is not a flooding attack, as the adversary is not focusing on exhausting resources. Instead, the adversary is crafting a specific input to affect the system in a particular way.
CAPEC-595	Connection Reset In this attack pattern, an adversary injects a connection reset packet to one or both ends of a target's connection. The attacker is therefore able to have the target and/or the destination server sever the connection without having to directly filter the traffic between them.
CAPEC-596	TCP RST Injection An adversary injects one or more TCP RST packets to a target after the target has made a HTTP GET request. The goal of this attack is to have the target and/or destination web server terminate the TCP connection.

NotesNotes

While many access control issues involve authenticating the user, this weakness is more about authenticating the actual source of the communication channel itself; there might not be any "user" in such cases.

References

REF-324

A Taxonomy of Security Faults in the UNIX Operating System
Taimur Aslam.
https://cwe.mitre.org/documents/sources/ATaxonomyofSecurityFaultsintheUNIXOperatingSystem%5BAslam95%5D.pdf

Submission

Name	Organization	Date	Date release	Version
CWE Content Team	MITRE	2014-02-13 +00:00	2014-02-19 +00:00	2.6

Modifications

Name	Organization	Date	Comment
CWE Content Team	MITRE	2017-11-08 +00:00	updated Modes_of_Introduction, References, Relationships
CWE Content Team	MITRE	2019-06-20 +00:00	updated Related_Attack_Patterns
CWE Content Team	MITRE	2020-02-24 +00:00	updated Applicable_Platforms, Potential_Mitigations, Relationships
CWE Content Team	MITRE	2020-06-25 +00:00	updated Demonstrative_Examples, Potential_Mitigations
CWE Content Team	MITRE	2021-07-20 +00:00	updated Potential_Mitigations
CWE Content Team	MITRE	2021-10-28 +00:00	updated Relationships
CWE Content Team	MITRE	2022-10-13 +00:00	updated Relationships
CWE Content Team	MITRE	2023-01-31 +00:00	updated Description, Related_Attack_Patterns
CWE Content Team	MITRE	2023-04-27 +00:00	updated Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes, Relationships
CWE Content Team	MITRE	2024-11-19 +00:00	updated References