Rapid7 Vulnerability & Exploit Database

HTTP Query Session Check - Session In HTTP Query

Severity: 4
CVSS: (AV:N/AC:L/Au:M/C:P/I:N/A:N)
Published: 01/01/2017
Created: 07/18/2019
Added: 07/16/2019
Modified: 07/16/2019

Description

At the network level, URL parameters are secure, but URL-based data can leak in other ways:

  • URLs are stored in web server logs - typically the whole URL of each request is stored in a server log. This means that any sensitive data in the URL (e.g. a password) is saved in clear text on the server. For example, when a query string is used to send a password over HTTPS, the query string may be stored in the server log: 2017-03-03 17:59:59 W3SVC4326 WWW 192.168.1.1 GET /Default.htm password=mypassword 443
  • URLs are stored in the browser history - browsers save URL parameters in their history even if the secure pages themselves are not cached.
  • URLs are passed in Referer headers - if a secure page uses resources such as JavaScript, images or analytics services, the URL is passed in the Referer request header of each embedded request. Sometimes the query string parameters may be delivered to and stored by third-party sites.
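The server-log leak described above can be audited directly. The following is an added example, not part of the original entry or of any Rapid7 tooling: it scans a W3C extended log for sensitive query parameters and emits a redacted copy. The `#Fields` header, the first and third log entries, and the parameter name list are constructed assumptions; the second entry is the log line quoted above.

```python
import re

# Parameter names treated as sensitive (assumed list; tune per application).
SENSITIVE = re.compile(
    r"^(pass(word|wd)?|pwd|sid|session(id)?|jsessionid|phpsessid|token|auth)$", re.I)

# Constructed sample; the field order is assumed to match the page's log line.
SAMPLE_LOG = """\
#Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port
2017-03-03 17:59:58 W3SVC4326 WWW 192.168.1.1 GET /index.htm - 443
2017-03-03 17:59:59 W3SVC4326 WWW 192.168.1.1 GET /Default.htm password=mypassword 443
2017-03-03 18:00:02 W3SVC4326 WWW 192.168.1.1 GET /cart.htm item=42&JSESSIONID=0A1B2C3D 443
"""

def audit_log(text):
    """Return (findings, redacted_text); findings are (line number, parameter name)."""
    fields, findings, out = [], [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for the entries that follow
        if line.startswith("#") or "cs-uri-query" not in fields:
            out.append(line)                   # directive, or no query column known yet
            continue
        cols = line.split(" ")
        qi = fields.index("cs-uri-query")
        if len(cols) != len(fields) or cols[qi] == "-":
            out.append(line)                   # malformed entry or empty query string
            continue
        parts = []
        for pair in cols[qi].split("&"):
            name, sep, value = pair.partition("=")
            if SENSITIVE.match(name) and value:
                findings.append((lineno, name))
                value = "[REDACTED]"           # never copy the secret into the report
            parts.append(name + sep + value)
        cols[qi] = "&".join(parts)
        out.append(" ".join(cols))
    return findings, "\n".join(out) + "\n"

if __name__ == "__main__":
    hits, redacted = audit_log(SAMPLE_LOG)
    for lineno, name in hits:
        print(f"line {lineno}: sensitive parameter '{name}' in query string")
    print(redacted, end="")
```

Any finding means the value should be treated as exposed to everyone with log access; the durable fix is to move the value out of the URL, for example into a POST body or a cookie.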

Solution(s)

  • sessioninhttpquery-httpquerycheck-r01
