CWE-942: Permissive Cross-domain Security Policy with Untrusted Domains

VariantIncomplete

The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.

View on MITRE
Back to CWE Lookup

Extended Description

If a cross-domain policy file includes domains that should not be trusted, such as when using wildcards under a high-level domain, then the application could be attacked by these untrusted domains. In many cases, the attack can be launched without the victim even being aware of it.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms

Frequently Asked Questions

What is CWE-942: Permissive Cross-domain Security Policy with Untrusted Domains?+

CWE-942: Permissive Cross-domain Security Policy with Untrusted Domains is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate. If a cross-domain policy file includes domains that should not be trusted, such as when using wildcards under a high-level domain, then the application could be attacked by these untrusted domains. In many cases, the attack can be launched without the victim even being aware of it.

What are the security consequences of Permissive Cross-domain Security Policy with Untrusted Domains?+

If exploited, CWE-942 (Permissive Cross-domain Security Policy with Untrusted Domains) it can compromise Confidentiality, Integrity, Availability and Access Control, leading to outcomes such as Execute Unauthorized Code or Commands, Bypass Protection Mechanism, Read Application Data and Varies by Context.

How do you prevent or mitigate Permissive Cross-domain Security Policy with Untrusted Domains?+

Recommended mitigations for CWE-942 include: Define a restrictive Content Security Policy [REF-1486] or cross-domain policy file. Avoid using wildcards in the CSP / cross-domain policy file. Any domain matching the wildcard expression will be implicitly trusted, and can perform two-way interaction with the target server. For Flash, modify crossdomain.xml to use meta-policy options such as 'master-only' or 'none' to reduce the possibility of an attacker planting extraneous cross-domain policy files on a server.

Which programming languages are affected by Permissive Cross-domain Security Policy with Untrusted Domains?+

CWE-942 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Permissive Cross-domain Security Policy with Untrusted Domains?+

MITRE documents real CVEs mapped to CWE-942, including CVE-2012-2292, CVE-2014-2049, CVE-2007-6243, CVE-2008-4822 and CVE-2010-3636. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-942 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More