Name Removing Important Client Functionality
Likelyhood of attack Typical severity
Summary An attacker removes or disables functionality on the client that the server assumes to be present and trustworthy. Attackers can, in some cases, get around logic put in place to 'guard' sensitive functionality or data. Client applications may include functionality that a server relies on for correct and secure operation. This functionality can include, but is not limited to, filters to prevent the sending of dangerous content to the server, logical functionality such as price calculations, and authentication logic to ensure that only authorized users are utilizing the client. If an attacker can disable this functionality on the client, they can perform actions that the server believes are prohibited. This can result in client behavior that violates assumptions by the server leading to a variety of possible attacks. In the above examples, this could include the sending of dangerous content (such as scripts) to the server, incorrect price calculations, or unauthorized access to server resources.
Prerequisites The targeted server must assume the client performs important actions to protect the server or the server functionality. For example, the server may assume the client filters outbound traffic or that the client performs all price calculations correctly. Moreover, the server must fail to detect when these assumptions are violated by a client.
Solutions Design: For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side. Design: Ship client-side application with integrity checks (code signing) when possible. Design: Use obfuscation and other techniques to prevent reverse engineering the client code.
Related Weaknesses
CWE ID Description
CWE-602 Client-Side Enforcement of Server-Side Security
Back to Top