A- Active Projects » BSN Corporate Digital Banking

Insecure direct object reference occurs when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorization and access resources in the system directly, for example database records or files. Insecure direct object reference allows attackers to bypass authorization and access resources directly by modifying the value of a parameter used to directly point to an object. Such resources can be database entries belonging to other users, files in the system, and more. This is caused by the fact that the application takes user supplied input and uses it to retrieve an object without performing sufficient authorization checks.

Solution provided by LGMS:
Preventing insecure direct object references requires selecting an approach for protecting each user accessible object (e.g., object number, filename):

1. Use per user or session indirect object references. This prevents attackers from directly targeting unauthorized resources. For example, instead of using the resource’s database key, a drop down list of six resources authorized for the current user could use the numbers 1 to 6 to indicate which value the user selected. The application has to map the per-user indirect reference back to the actual database key on the server.
2. Check access for each use of a direct object reference from an untrusted source must include an access control check to ensure the user is authorized for the requested object.

'Affected URL:

http://10.10.55.34:9081/bsn-admin-uat/ss103/groupDetails.do?SECONDARY_TOKEN=d4865bf6fe6814e21242a9635107d8cc&groupID=42
http://10.10.55.34:9081/bsn-admin-uat/ss103/groupEdit.do?SECONDARY_TOKEN=18d82afdeca739d0a06ca24584cd1495&groupID=262

Potential
http://10.10.55.34:9081/bsn-admin-uat/ss103/deleteGroupConfirm.do?SECONDARY_TOKEN=&groupID=264

Action Plan:
Fix query /JSP