The referer field in HTTP requests can be easily modified and, as such, is not a valid means of message integrity checking.
View on MITREActions, which may not be authorized otherwise, can be carried out as if they were validated by the server referred to.
In order to usefully check if a given action is authorized, some means of strong authentication and method protection must be used. Use other means of authorization that cannot be simply spoofed. Possibilities include a username/password or certificate.
No detection method information available for this CWE.
The following code samples check a packet's referer in order to decide whether or not an inbound request is from a trusted host.
These examples check if a request is from a trusted referer before responding to a request, but the code only verifies the referer name as stored in the request packet. An attacker can spoof the referer, thus impersonating a trusted client.
The following code samples check a packet's referer in order to decide whether or not an inbound request is from a trusted host.
These examples check if a request is from a trusted referer before responding to a request, but the code only verifies the referer name as stored in the request packet. An attacker can spoof the referer, thus impersonating a trusted client.
CWE-293: Using Referer Field for Authentication is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The referer field in HTTP requests can be easily modified and, as such, is not a valid means of message integrity checking.
If exploited, CWE-293 (Using Referer Field for Authentication) it can compromise Access Control, leading to outcomes such as Gain Privileges or Assume Identity.
Recommended mitigations for CWE-293 include: In order to usefully check if a given action is authorized, some means of strong authentication and method protection must be used. Use other means of authorization that cannot be simply spoofed. Possibilities include a username/password or certificate.
CWE-293 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
A CWE (Common Weakness Enumeration) like CWE-293 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.