Description

This web application is using a caching system. By sending a POST request with the same GET parameter it was possible to force the caching system to cache a response that contains user-controlled input. This cached response can be later served to a victim resulting in various vulnerabilities.

Remediation

Caching keys should also include the HTTP method to prevent this type of issues.

References

Web Cache Entanglement: Novel Pathways to Poisoning

Related Vulnerabilities

HTTP Strict Transport Security (HSTS) Errors and Warnings

JavaMelody publicly accessible

ASP.NET CustomErrors Is Disabled

ASP.NET WCF metadata enabled for behavior

Access-Control-Allow-Origin header with wildcard (*) value

Severity

High

Classification

CWE-44 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Configuration