AppScan Unencrypted Login Request
The AppScan finding "Unencrypted Login Request" is summarized as follows:
1.1 Attack principle
When unencrypted sensitive information (such as login credentials, user names, passwords, email addresses, social security numbers, etc.) is sent to the server, anything transmitted in plain text can be intercepted and stolen. An attacker can use this information to take further steps. Several privacy laws (such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act on financial privacy) also require that sensitive information such as user credentials be passed to the Web site in encrypted form.
1.2 Defense suggestions
Encrypt the transmission of sensitive information involved in the request, for example by changing the product's HTTP access mode to HTTPS. At the same time, perform the security configuration in the conf/server.xml file of the Apache Tomcat application server and add the restriction statements to the product's web.xml file. Besides SSL, other encrypted transmission methods that meet the group's encryption algorithm requirements are also accepted: http://eip-owsg.paic.com.cn/isms/Admin/DownLoad.aspx?id=a2c04af6-a487-4899-998f-418c89c96318.docx.pdf
1.3 Exceptions
A purely intranet system does not need to fix this vulnerability.
1.4 Actual repair plan
1. Change HTTP requests to HTTPS;
2. Encrypt sensitive information (such as login credentials, user names, passwords, email addresses, social security numbers, etc.) before transmission.
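The Tomcat configuration that sections 1.2 and 1.4 refer to, written out as an added example (this is not configuration from the original post or from any product). It assumes a Tomcat 8.5/9 layout, a keystore named conf/localhost-rsa.jks with the placeholder password changeit, and the URL patterns /login and /account/* as the pages that carry credentials; adjust all of these to the real deployment. The first fragment goes in conf/server.xml, the second in the application's WEB-INF/web.xml.

```xml
<!-- conf/server.xml (added example, paths and keystore are assumptions) -->

<!-- Plain HTTP connector: kept only so that old links still resolve.
     redirectPort tells Tomcat where to send a client when a
     CONFIDENTIAL security constraint is hit over HTTP. -->
<Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

<!-- HTTPS connector: the login request is protected by TLS on this port.
     Only TLS 1.2 and 1.3 are enabled; older protocols are not offered. -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
    <SSLHostConfig protocols="TLSv1.2,TLSv1.3">
        <!-- Keystore file and password are placeholders for the example -->
        <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
                     certificateKeystorePassword="changeit"
                     type="RSA" />
    </SSLHostConfig>
</Connector>

<!-- WEB-INF/web.xml (added example, URL patterns are assumptions) -->

<!-- The "restriction statement": any request matching these patterns
     must arrive over a confidential (TLS) transport. An HTTP request is
     redirected to the HTTPS connector instead of being served in clear. -->
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Pages that carry credentials or personal data</web-resource-name>
        <url-pattern>/login</url-pattern>
        <url-pattern>/account/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<!-- Optional hardening with Tomcat's own header filter: HSTS tells
     browsers to use HTTPS for this host from the first visit on, so a
     user typing the plain http:// address never submits the login form
     in clear. max-age here is one year, in seconds. -->
<filter>
    <filter-name>httpHeaderSecurity</filter-name>
    <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
    <init-param>
        <param-name>hstsEnabled</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>hstsMaxAgeSeconds</param-name>
        <param-value>31536000</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>httpHeaderSecurity</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
```

After deployment, a quick check that the fix holds is to request the login page over plain HTTP (for example with curl -I http://host:8080/login) and confirm that the response is a redirect to the https:// URL rather than a 200 with the form body; AppScan's finding should then no longer be reported for that request. Note that the security constraint only covers the listed patterns, so any other page that accepts credentials or personal data must be added to the web-resource-collection as well, and the redirect only helps if the HTTPS connector actually starts, which requires the keystore to exist and its password to be correct.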