CWE-352 - Cross-Site Request Forgery (CSRF)
CWE-352 Medium
- Abstraction:
- Compound
- Structure:
- Composite
- Status:
- Stable
- Weakness Name
Cross-Site Request Forgery (CSRF)
- Description
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
When a web server is designed to receive a request from a client without any mechanism for verifying that it was intentionally sent, then it might be possible for an attacker to trick a client into making an unintentional request to the web server which will be treated as an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can result in exposure of data or unintended code execution.
- Common Consequences
Scope: Confidentiality, Integrity, Availability, Non-Repudiation, Access Control
Impact: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Read Application Data, Modify Application Data, DoS: Crash, Exit, or Restart
Notes: The consequences will vary depending on the nature of the functionality that is vulnerable to CSRF. An attacker could effectively perform any operations as the victim. If the victim is an administrator or privileged user, the consequences may include obtaining complete control over the web application - deleting or stealing data, uninstalling the product, or using it to launch other attacks against all of the product's users. Because the attacker has the identity of the victim, the scope of CSRF is limited only by the victim's privileges.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29