T 5.165 Unauthorised access to or manipulation of data for web applications

When a web application is operated by a user, data is transmitted and normally saved both on the client and on the server side (e.g. in log files, browser and proxy caches). If this data is not protected appropriately during transmission and saving, it may be read or manipulated by unauthorised persons.

The different transmission routes and storage locations of the data regarding web applications result in specific threats that are explained on the basis of the following examples:

• Access and form data a user enters into the web browser are buffered in the browser cache. If an attacker gained access to the computer, he/she can read the browser cache and therefore the data worthy of protection, because the browser cache is normally not protected separately (e. g. by encryption).

• If GET parameters are transmitted in the URL, these may be saved to the log files of IT systems between the web application and the client (e. g. proxy servers). Proxy servers normally log the calling URL, including the transmitted GET parameters. Users having access rights to these log files can therefore read the data in the GET parameters. Consequently, if the web application transmits data worthy of protection in the GET parameters, the protection of this data cannot be guaranteed. Furthermore, confidential data in the GET parameters may be disclosed when sending a link or by viewing the browser history.

• If the session data of a web application must be stored on the client, this is frequently performed by saving the data in cookies. This may include data worthy of protection like the session ID. If an attacker gains access to the client (e. g. by executing malicious code on the client side), it is possible to read or use the content of cookies in an unauthorised manner or to unobtrusively send it to the attacker (see also T 5.170 Cross-Site Scripting (XSS)).