Web Cache Poisoning Denial of Service

high Web App Scanning Plugin ID 114006

Synopsis

Web Cache Poisoning Denial of Service

Description

A caching system has been detected on the application and is vulnerable to web cache poisoning. By manipulating specific unkeyed inputs (headers or cookies that are not included when generating the cache key), it was possible to force the caching system to cache a response that contains user-controlled input. If a response is cached in a shared web cache, such as those commonly found in proxy servers, all users of that cache continue to receive the malicious content until the cache entry is purged. In this case, the affected resource becomes unreachable, which, depending on the resource, can cause a denial of service (DoS).

Note that the scanner performs a safe check that does not affect website visitors but only the scanner itself.

Solution

Disable caching for the affected input or pages. If both the affected input and caching behavior are required, configure the cache to ensure that the input is included in the cache key.
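
The following toy model is an added illustration, not code from the plugin or from any cache product. It shows why an unkeyed input lets one error response be served to every visitor, and how each of the two remediations above contains it. The header name `X-Example-Input`, the origin's length limit and the `Cache` class are all constructed assumptions.

```python
from dataclasses import dataclass, field

HEADER = "X-Example-Input"  # hypothetical request header (assumption)

def origin(path, headers):
    """Constructed origin: returns an error when the header value is too long."""
    if len(headers.get(HEADER, "")) > 8:
        return 400, "Bad Request"
    return 200, f"content of {path}"

@dataclass
class Cache:
    keyed_headers: tuple = ()    # headers whose values become part of the cache key
    bypass_headers: tuple = ()   # headers whose presence disables caching
    store: dict = field(default_factory=dict)

    def key(self, path, headers):
        # The path is always keyed; headers are keyed only if listed.
        return (path,) + tuple(headers.get(h, "") for h in self.keyed_headers)

    def fetch(self, path, headers=None):
        headers = headers or {}
        # Remediation 1: do not cache requests that carry the affected input.
        if any(h in headers for h in self.bypass_headers):
            return origin(path, headers)
        k = self.key(path, headers)
        if k not in self.store:
            self.store[k] = origin(path, headers)  # caches errors too
        return self.store[k]

def plain_visitor_affected(cache):
    """True if a request with a bad header changes what a plain request gets."""
    cache.fetch("/index", {HEADER: "x" * 32})  # triggers the origin error
    status, _ = cache.fetch("/index")          # ordinary visitor, no header
    return status != 200

if __name__ == "__main__":
    print("unkeyed header:   ", plain_visitor_affected(Cache()))
    print("caching bypassed: ", plain_visitor_affected(Cache(bypass_headers=(HEADER,))))
    print("header in key:    ", plain_visitor_affected(Cache(keyed_headers=(HEADER,))))
```

When reviewing a real cache configuration, the same question applies: for each request input that can change the origin's response, is it part of the cache key, or is the response excluded from caching?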

See Also

https://cpdos.org/

https://i.blackhat.com/us-18/Thu-August-9/us-18-Kettle-Practical-Web-Cache-Poisoning-Redefining-Unexploitable.pdf

https://owasp.org/www-community/attacks/Cache_Poisoning

Plugin Details

Severity: High

ID: 114006

Type: remote

Published: 8/30/2023

Updated: 4/23/2024

Scan Template: api, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS Score Source: Tenable
