Network Communication / Sensitive Information Sent via Unencrypted Channels
Description
Sensitive Information Sent via Unencrypted Channels is a vulnerability that occurs when confidential data is sent over a network without proper encryption. This vulnerability can be found in Web and API applications (CWE-319). It is categorized as a Network Communication vulnerability in the OWASP Testing Guide. In some cases the data is encrypted, but with a method too weak to stop an attacker from recovering it.
Risk
The risk of sending sensitive information via unencrypted channels is that the data can be intercepted and read by malicious actors. This can lead to the theft of confidential data, such as passwords, financial information, and other sensitive data. Additionally, if an authentication protocol is used to secure the data, it could be bypassed by attackers. A risk assessment should be conducted to determine the potential impact of this vulnerability.
Solution
The best way to mitigate this vulnerability is to ensure that all data sent over the network is encrypted using a strong encryption protocol. For web applications, TLS/SSL should be used to encrypt the data before it is sent. Additionally, authentication protocols should be used to ensure that only authorized users can access the data.
Example
// Vulnerability Example
String query = "SELECT user_password FROM USERS WHERE user_name='" + username + "'";
ResultSet rs = stmt.executeQuery(query);
// Secure Example
String query = "SELECT AES_ENCRYPT(user_password, ?) FROM USERS WHERE user_name = ?";
PreparedStatement ps = conn.prepareStatement(query); // parameterized: no string concatenation into SQL
ps.setString(1, encryptionKey); // key read from configuration rather than hard-coded in the query text
ps.setString(2, username);
ResultSet rs = ps.executeQuery();
The example above shows how a vulnerable query can be modified to use encryption. In the vulnerable example, the user's password is sent in plaintext. In the secure example, the user's password is encrypted before it is sent.
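The Solution section names TLS as the control for this weakness. The following Java example, added here and not part of the original page, shows what that looks like for a JDBC database link and for outbound HTTP calls: the connection is opened with TLS required and the server certificate verified, the lookup is parameterized, and a guard refuses to send credentials to anything but an https:// URL. The host name, the trust-store path and the environment variable names are assumptions; sslMode, trustCertificateKeyStoreUrl and trustCertificateKeyStorePassword are MySQL Connector/J 8.x connection properties.

```java
import java.net.URI;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Properties;

public class EncryptedChannels {

    // Hypothetical database host; the URL itself carries no credentials.
    static final String JDBC_URL = "jdbc:mysql://db.example.internal:3306/app";

    // Open a JDBC connection that refuses to run without TLS and verifies
    // both the server certificate chain and its host name (Connector/J 8.x).
    static Connection openTlsConnection(String user, String password) throws SQLException {
        Properties props = new Properties();
        props.setProperty("user", user);
        props.setProperty("password", password);
        props.setProperty("sslMode", "VERIFY_IDENTITY");            // TLS required, CA and host name checked
        props.setProperty("trustCertificateKeyStoreUrl", "file:/etc/app/db-ca.jks"); // assumed path
        props.setProperty("trustCertificateKeyStorePassword", System.getenv("DB_CA_STORE_PASSWORD"));
        return DriverManager.getConnection(JDBC_URL, props);
    }

    // Parameterized lookup: the query shape is fixed and the user name is bound as data,
    // so the channel is encrypted and the statement cannot be altered by the input.
    static boolean userExists(Connection conn, String username) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(
                "SELECT 1 FROM USERS WHERE user_name = ?")) {
            ps.setString(1, username);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    // Guard for outbound requests that carry passwords or tokens: only https:// is accepted.
    static URI requireHttps(String url) {
        URI uri = URI.create(url);
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            throw new IllegalArgumentException(
                "refusing to send sensitive data over scheme '" + uri.getScheme() + "'");
        }
        return uri;
    }

    public static void main(String[] args) throws SQLException {
        requireHttps("https://api.example.com/login");       // accepted
        try {
            requireHttps("http://api.example.com/login");    // plain HTTP is rejected
        } catch (IllegalArgumentException e) {
            System.out.println(e.getMessage());
        }
        try (Connection conn = openTlsConnection("app", System.getenv("DB_PASSWORD"))) {
            System.out.println("user present: " + userExists(conn, "alice"));
        }
    }
}
```

With sslMode set to VERIFY_IDENTITY the driver aborts the connection if the server offers no TLS or presents a certificate that does not chain to the configured CA or does not match the host name, so a misconfigured or downgraded link fails closed instead of silently sending the query and its results in the clear.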