Session Management / Exposed Session Variables

Web and API

Description

Exposed Session Variables, classified as a Session Management weakness in the CWE directory and covered by the OWASP Testing Guide (Testing for Exposed Session Variables), occurs when a session identifier or other session-scoped data is readable by users or attackers: sent over unencrypted HTTP, placed in a URL or hidden form field, written to logs or error pages, or otherwise leaked outside the server. Because a session identifier stands in for the authenticated user, its exposure makes session hijacking and other impersonation attacks possible.

Risk

The risk associated with Exposed Session Variables is high: an attacker who obtains a valid session identifier can take over that user's session without knowing any credentials, and any data kept in the session (user IDs, roles, personal information) can be leaked along with it.

Solution

The best solution to Exposed Session Variables is to keep session state on the server and hand the client only an opaque, unguessable session identifier: transmit it only over TLS in a cookie marked Secure, HttpOnly and SameSite, never in URLs, hidden fields, logs or error output, regenerate it on login and on any privilege change, and destroy the server-side state on logout. Values read back from the session should still be validated before use rather than trusted blindly. Additionally, applications should have a secure authentication system to verify user identities before a session is associated with them.
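The following is an added example, not code from the original page, showing how the above advice looks in PHP's native session handling. It assumes PHP 7.3 or later (for the array form of session_set_cookie_params with 'samesite') and a single-host application served over HTTPS; the login_user and logout_user helpers are hypothetical names.

```php
<?php
// Added example (not from the original page): hardened PHP session setup.
// Assumes PHP >= 7.3 and that the site is served over HTTPS.
declare(strict_types=1);

// Keep all session state server-side; the client only ever holds an opaque ID.
ini_set('session.use_strict_mode', '1');   // reject session IDs the server did not issue
ini_set('session.use_only_cookies', '1');  // never read the ID from the query string
ini_set('session.use_trans_sid', '0');     // never append the ID to generated links

session_set_cookie_params([
    'lifetime' => 0,        // session cookie, dropped when the browser closes
    'path'     => '/',
    'domain'   => '',       // current host only (assumption: single-host app)
    'secure'   => true,     // only sent over HTTPS, so it cannot be sniffed in clear text
    'httponly' => true,     // not readable by JavaScript
    'samesite' => 'Strict', // not sent on cross-site requests
]);
session_start();

// Hypothetical login handler: rotate the ID after authentication so an ID
// an attacker observed or planted before login is useless afterwards.
function login_user(int $users_id): void
{
    session_regenerate_id(true);   // true = discard the old session data
    $_SESSION['users_id']   = $users_id;
    $_SESSION['login_time'] = time();
}

// Hypothetical logout handler: destroy the server-side state, not just the cookie,
// so a copied session ID stops working immediately.
function logout_user(): void
{
    $_SESSION = [];
    $p = session_get_cookie_params();
    setcookie(session_name(), '', time() - 3600, $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    session_destroy();
}
```

With use_only_cookies and use_trans_sid set as above, a session ID that does turn up in a URL (for example in a Referer header or an access log) is simply ignored by the server, which is the check an assessor would run to confirm the fix.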

Example

Below is an example, taken from CVE-2020-9277, in which a session variable was exposed:

<?php
// Vulnerable pattern as shown on the page: the session-held user ID is
// trusted as-is and interpolated straight into the SQL string.
if (isset($_SESSION['users_id'])) {
  $users_id = $_SESSION['users_id'];
  // String interpolation rather than a prepared statement: whoever can set
  // or tamper with the session value controls part of the query.
  $query = "SELECT * FROM users WHERE users_id = '$users_id'";
  $result = mysqli_query($con, $query);
  while ($row = mysqli_fetch_array($result)) {
    // other code
  }
}
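As an added example (not part of the original page or the CVE's code), here is the same lookup written so that a session value an attacker managed to expose or tamper with cannot change the query. It assumes the same users table with an integer users_id column, an open mysqli connection in $con, and the mysqlnd driver (needed for get_result); the function name current_user is hypothetical.

```php
<?php
// Added example (not from the original page): hardened form of the snippet above.
// Assumes $con is an open mysqli connection, mysqlnd is available, and the
// users table has an integer primary key users_id.
declare(strict_types=1);

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function current_user(mysqli $con): ?array
{
    // Treat the session-held value as untrusted input: it must be an integer.
    if (!isset($_SESSION['users_id'])
        || filter_var($_SESSION['users_id'], FILTER_VALIDATE_INT) === false) {
        return null;
    }
    $users_id = (int) $_SESSION['users_id'];

    // Prepared statement: the value is bound as a parameter, never interpolated,
    // so even a tampered session value cannot alter the query's structure.
    // Select only the columns the page needs instead of SELECT *.
    $stmt = $con->prepare('SELECT users_id, username, role FROM users WHERE users_id = ?');
    $stmt->bind_param('i', $users_id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    return $row ?: null;   // null if the session points at a user that no longer exists
}

// Usage (assumes session_start() has already run with hardened cookie settings):
$user = current_user($con);
if ($user === null) {
    http_response_code(401);
    exit;
}
```

Returning null for a non-integer or dangling users_id, rather than running the query anyway, means a session that has been tampered with is simply treated as unauthenticated.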
