
CWE-940 Improper Verification of Source of a Communication Channel: vulnerability list (32)

A summary of the 32 CVEs associated with the CWE-940 weakness class (Improper Verification of Source of a Communication Channel), with AI-generated analysis in Chinese.

CWE-940 is a communication-source validation defect. An attacker establishes a communication channel from an untrusted source, bypasses the authentication mechanism, and thereby gains unauthorized access or executes privileged operations. When handling incoming requests, developers should strictly verify the source of the communication channel, ensure that it falls within the expected trust domain, and enforce a source allowlist or signature verification so that a malicious entity cannot forge a request entry point, protecting the security of system interactions.

MITRE CWE official description
CWE-940 Improper Verification of Source of a Communication Channel. Description: The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin. When an attacker can successfully establish a communication channel from an untrusted origin, the attacker may gain privileges and access unintended functionality.
Common consequences (1)
Scope: Access Control, Other. Impact: Gain Privileges or Assume Identity, Varies by Context, Bypass Protection Mechanism.
An attacker can access any functionality that is inadvertently accessible to the source.
Mitigations (1)
Phase: Architecture and Design. Use a mechanism that can validate the identity of the source, such as a certificate, and validate the integrity of data to ensure that it cannot be modified in transit using an Adversary-in-the-Middle (AITM) attack. When designing functionality of actions in the URL scheme, consider whether the action should be accessible to all mobile applications, or if an allowlist of applications to interface …
Code examples (2)
This Android application will remove a user account when it receives an intent to do so:
IntentFilter filter = new IntentFilter("com.example.RemoveUser");
DeleteReceiver receiver = new DeleteReceiver();
// Registered without a sender permission: any application on the device can broadcast this action.
registerReceiver(receiver, filter);

public class DeleteReceiver extends BroadcastReceiver {
    @Override
    public void onReceive(Context context, Intent intent) {
        // The sender of the intent is never verified before the destructive action runs.
        int userID = intent.getIntExtra("userID", -1);  // getIntExtra requires a default value
        destroyUserData(userID);
    }
}
Bad · Java
These Android and iOS applications intercept URL loading within a WebView and perform special actions if a particular URL scheme is used, thus allowing the Javascript within the WebView to communicate with the application:
// Android
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
    if (url.substring(0, 14).equalsIgnoreCase("examplescheme:")) {
        // Any page loaded in the WebView can trigger this branch: the page's origin is never checked.
        if (url.substring(14, 25).equalsIgnoreCase("getUserInfo")) {
            writeDataToView(view, UserData);
            return false;
        } else {
            return true;
        }
    }
    return false;  // not the custom scheme: let the WebView load the URL normally
}
Bad · Java
// iOS
- (BOOL)webView:(UIWebView *)exWebView shouldStartLoadWithRequest:(NSURLRequest *)exRequest navigationType:(UIWebViewNavigationType)exNavigationType {
    NSURL *URL = [exRequest URL];
    if ([[URL scheme] isEqualToString:@"exampleScheme"]) {
        NSString *functionString = [URL resourceSpecifier];
        if ([functionString hasPrefix:@"specialFunction"]) {
            // Make data available back in webview.
            UIWebView *webView = [self writeDataToView:[URL query]];
        }
        return NO;
    }
    return YES;
}
Bad · Objective-C
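As an added example (not part of the MITRE CWE entry or this site's content), a hardened Java version of both Android cases above: the receiver is registered behind an assumed signature-level permission so only same-signed apps can deliver the broadcast, and the WebView bridge honours the custom scheme only when the navigation comes from a trusted page. The permission name, TRUSTED_HOST, destroyUserData and writeDataToView are assumptions.

```java
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.net.Uri;
import android.webkit.WebView;
import android.webkit.WebViewClient;

// Hardened receiver. The action string proves nothing about the sender, so the
// receiver is registered behind a permission declared in the manifest (assumed):
//   <permission android:name="com.example.permission.MANAGE_USERS"
//               android:protectionLevel="signature" />
// Only apps signed with the same key as this app can then deliver the broadcast.
public class DeleteReceiver extends BroadcastReceiver {
    static final String ACTION = "com.example.RemoveUser";
    static final String PERMISSION = "com.example.permission.MANAGE_USERS";  // assumed

    static void register(Context ctx, DeleteReceiver receiver) {
        // Third argument: a sender must hold PERMISSION for this receiver to run.
        ctx.registerReceiver(receiver, new IntentFilter(ACTION), PERMISSION, null);
    }

    @Override
    public void onReceive(Context context, Intent intent) {
        if (!ACTION.equals(intent.getAction())) return;
        int userID = intent.getIntExtra("userID", -1);  // default value is required
        if (userID >= 0) destroyUserData(userID);       // hypothetical helper
    }

    private void destroyUserData(int userID) { /* application logic */ }
}

// Hardened WebView bridge: honour the custom scheme only for navigations issued by
// a page from the trusted origin; content loaded from anywhere else cannot drive it.
class BridgeClient extends WebViewClient {
    static final String TRUSTED_HOST = "app.example.com";  // assumed value

    static boolean isTrustedPage(String pageUrl) {
        if (pageUrl == null) return false;
        Uri page = Uri.parse(pageUrl);
        return "https".equals(page.getScheme()) && TRUSTED_HOST.equalsIgnoreCase(page.getHost());
    }

    @Override
    public boolean shouldOverrideUrlLoading(WebView view, String url) {
        Uri target = Uri.parse(url);
        if (!"examplescheme".equalsIgnoreCase(target.getScheme())) return false;
        if (!isTrustedPage(view.getUrl())) return true;  // swallow the request, never execute it
        if ("getUserInfo".equals(target.getSchemeSpecificPart())) writeDataToView(view);
        return true;
    }

    private void writeDataToView(WebView view) { /* hand data back to the trusted page */ }
}
```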
CVE ID | Title | CVSS | Risk level | Published
CVE-2022-4800 | memos security vulnerability (usememos/memos) | 6.5 | - | 2022-12-28
CVE-2021-41038 | Eclipse Theia security vulnerability (@theia/plugin-ext) | 6.1 | - | 2021-11-10

CWE-940 (Improper Verification of Source of a Communication Channel) is a common weakness class; this platform has collected 32 CVEs associated with it.