Insecure Data Transport
Overview of the Vulnerability
When data is transmitted over unencrypted channels, it can be intercepted via a Person-in-the-Middle (PitM) attack. An attacker can then gather user data and potentially send requests to the server pretending to be the legitimate user, or otherwise collect sensitive user data.
Business Impact
This vulnerability can lead to reputational damage and indirect financial loss to the company, as customers may view the application as insecure. It can also lead to data theft, because an attacker who holds a legitimate session token can make requests to the server and manipulate data.
Steps to Reproduce
Enable an HTTP interception proxy, such as Burp Suite or OWASP ZAP
Use a browser to navigate to: {{URL}}
Observe that TLS is not enforced for data in transit on all pages
Monitor the network traffic and intercept user session cookies
Replay the cookie and hijack the authenticated session
Modify the user's personally identifiable information (PII)
Proof of Concept (PoC)
The screenshots below show sensitive data being transmitted insecurely:
{{screenshot}}
Recommendation(s)
All sensitive data should be encrypted while it is being transmitted to and from the application.
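To verify a fix, the conditions this finding relies on can be checked from captured responses. The following is an added example, not part of the original template: it flags pages served over plain HTTP without an HTTPS redirect, HTTPS responses missing `Strict-Transport-Security`, and cookies set without the `Secure` attribute. The `audit_transport` helper, hostnames and cookie values are constructed for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample: captured responses as url, status, and header pairs.
HSTS = ("Strict-Transport-Security", "max-age=31536000")
SAMPLE = [
    {"url": "http://app.example.test/", "status": 301,
     "headers": [("Location", "https://app.example.test/")]},
    {"url": "https://app.example.test/login", "status": 200,
     "headers": [HSTS, ("Set-Cookie", "session=abc123; Path=/; HttpOnly")]},
    {"url": "http://app.example.test/profile", "status": 200,
     "headers": [("Content-Type", "text/html")]},
    {"url": "https://app.example.test/account", "status": 200,
     "headers": [HSTS, ("Set-Cookie", "prefs=dark; Path=/; Secure")]},
]

def audit_transport(responses):
    """Return sorted (url, finding) pairs for responses that expose data in transit."""
    findings = []
    for resp in responses:
        url = resp["url"]
        scheme = urlsplit(url).scheme
        headers = [(k.lower(), v) for k, v in resp["headers"]]
        location = next((v for k, v in headers if k == "location"), "")
        # Plain HTTP is acceptable only as a redirect to the HTTPS site.
        if scheme == "http":
            redirects = resp["status"] in (301, 302, 307, 308)
            if not (redirects and location.lower().startswith("https://")):
                findings.append((url, "served over plain HTTP without redirect to HTTPS"))
        # Without HSTS a browser may still try plain HTTP on a later visit.
        if scheme == "https" and not any(k == "strict-transport-security" for k, _ in headers):
            findings.append((url, "missing Strict-Transport-Security header"))
        # A cookie without Secure is also sent on plain-HTTP requests.
        for k, v in headers:
            if k != "set-cookie":
                continue
            cookie = SimpleCookie()
            cookie.load(v)
            for name, morsel in cookie.items():
                if not morsel["secure"]:
                    findings.append((url, f"cookie '{name}' set without Secure attribute"))
    return sorted(findings)

if __name__ == "__main__":
    for url, finding in audit_transport(SAMPLE):
        print(f"{url}: {finding}")
```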