CAPEC-204: Lifting Sensitive Data Embedded in Cache

Description

An adversary examines a target application's cache, or a browser cache, for sensitive information. Many applications that communicate with remote entities or which perform intensive calculations utilize caches to improve efficiency. However, if the application computes or receives sensitive information and the cache is not appropriately protected, an attacker can browse the cache and retrieve this information. This can result in the disclosure of sensitive information.

Extended Description

For example, servers may assume that clients will accurately compute values (such as prices), will send correctly structured messages, and will attempt to ensure efficient interactions with the server. By reverse-engineering a client and creating their own version, an adversary can take advantage of these assumptions to abuse service functionality.

For example, a purchasing service might send a unit price to its client and expect the client to correctly compute the total cost of a purchase. If the adversary uses a malicious client, however, the adversary could ignore the server input and declare any total price. Likewise, an adversary could configure the client to retain network or other server resources for longer than legitimately necessary in order to degrade server performance. Even services with general clients can be susceptible to this attack if they assume certain client behaviors. However, such services generally can make fewer assumptions about the behavior of their clients in the first place and, as such, are less likely to make assumptions that an adversary can exploit.

Severity :

Medium

Possibility :

Type :

Detailed

Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

CAPEC-167: White Box Reverse Engineering White Box Reverse Engineering CAPEC-560: Use of Known Domain Credentials Use of Known Domain Credentials

Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

The target application must store sensitive information in a cache.
The cache must be inadequately protected against attacker access.

Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

ATTACK | Data from Local System

Resources required

The attacker must be able to reach the target application's cache. This may require prior access to the machine on which the target application runs. If the cache is encrypted, the attacker would need sufficient computational resources to crack the encryption. With strong encryption schemes, doing this could be intractable, but weaker encryption schemes could allow an attacker with sufficient resources to read the file.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

CWE-311: Missing Encryption of Sensitive Data

CWE-524: Use of Cache Containing Sensitive Information

CWE-1239: Improper Zeroization of Hardware Register

CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information

Visit http://capec.mitre.org/ for more details.