Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
CWE-649
CVSS severity (NVD, All Time)
Per technology (GHSA, All time)
- 100%-Maven
Short description
Extended description
Best practices to prevent this CWE
Phase: Architecture and Design
Protect important client controllable tokens/parameters for integrity using PKI methods (i.e. digital signatures) or other means, and checks for integrity on the server side.
Phase: Architecture and Design
Repeated requests from a particular user that include invalid values of tokens/parameters (those that should not be changed manually by users) should result in the user account lockout.
Phase: Architecture and Design
Client side tokens/parameters should not be such that it would be easy/predictable to guess another valid state.
Phase: Architecture and Design
Obfuscation should not be relied upon. If encryption is used, it needs to be properly applied (i.e. proven algorithm and implementation, use padding, use random initialization vector, user proper encryption mode). Even with proper encryption where the ciphertext does not leak information about the plaintext or reveal its structure, compromising integrity is possible (although less likely) without the provision of the integrity service.