Tamper with action request or data in transit
Definition
An unauthorised entity modifies (part of) an action request or data while it is transmitted between two other entities.
Context
An action request or data element is transmitted over an uncontrolled channel.
Attacker capabilities
- The attacker can influence (part of) the channel over which the action request is exchanged.
Explanation
An attacker changes part of an action request or data element that is exchanged between a requesting and receiving entity.
Such changes might, for example, result in a different action being requested from the Receiver, or in the Receiver ignoring incorrectly formatted data.
For example, an attacker might change the (number of) products a customer buys from an online store, or change a client's money deposit request into a withdrawal request.
This problem is included in:
- A02: Cryptographic Failures in the OWASP Top 10
- A08: Software and Data Integrity Failures in the OWASP Top 10
Examples
- An attacker changes the delivery address for a customer's purchase such that the purchased goods are delivered to him or her instead of the customer.
- An attacker changes the action to retrieve the information for an identified account to an action to delete that account.
- An attacker changes the action requested by the user to a non-existent one, causing the request to be refused and essentially denying the user the ability to interact correctly with the system.
Possible solutions
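One integrity control against this threat is a message authentication code over the canonical form of the request, so that the Receiver detects any field altered in transit. This is an added example, not part of the original page; it assumes a shared secret between Requester and Receiver (the key value, account id and nonce below are constructed sample data).

```python
import hmac
import hashlib
import json

# Shared secret between requester and receiver (constructed sample value, assumption).
SHARED_KEY = b"example-shared-secret-not-for-production"


def canonical(request: dict) -> bytes:
    """Serialise the request deterministically so both sides MAC the same bytes.
    Sorted keys and fixed separators rule out two encodings of one request."""
    return json.dumps(request, sort_keys=True, separators=(",", ":")).encode()


def sign_request(key: bytes, request: dict) -> str:
    """Requester side: HMAC-SHA256 tag over the canonical request, sent alongside it."""
    return hmac.new(key, canonical(request), hashlib.sha256).hexdigest()


def verify_request(key: bytes, request: dict, tag: str) -> bool:
    """Receiver side: recompute the tag and compare in constant time.
    A change to any field between the two entities yields a different tag."""
    expected = sign_request(key, request)
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    # Constructed sample: a client's deposit request as it leaves the requester.
    # The nonce lets the receiver reject replays of an unmodified request.
    original = {"account": "ACC-1001", "action": "deposit", "amount": 250, "nonce": "7f3a"}
    tag = sign_request(SHARED_KEY, original)

    # The two tampering cases from the Explanation: action swapped, amount changed.
    as_withdrawal = dict(original, action="withdrawal")
    bigger_amount = dict(original, amount=2500)

    return {
        "untouched_accepted": verify_request(SHARED_KEY, original, tag),
        "action_change_rejected": not verify_request(SHARED_KEY, as_withdrawal, tag),
        "amount_change_rejected": not verify_request(SHARED_KEY, bigger_amount, tag),
    }


if __name__ == "__main__":
    print(demo())
```

A MAC gives integrity and origin authentication but not confidentiality, and on its own does not stop replay of an unmodified request; the Receiver must also track the nonce (or a timestamp window), and a TLS channel is the usual complement when the data itself must stay private.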
Last update:
February 7, 2022