AdvisoryAdvisoriesCISAAA23-208A

July 27, 2023

Web Application Access Control Abuse

July 27, 2023

What we know so far

The joint Cybersecurity Advisory by the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) aims to warn web application vendors and organizations about insecure direct object reference (IDOR) vulnerabilities. IDOR vulnerabilities, which result from inadequate authentication and authorization checks, allow malicious actors to modify, delete, or access sensitive data by manipulating website or API requests. These vulnerabilities are frequently exploited in data breaches, compromising millions of users' personal, financial, and health information. The advisory encourages implementing secure-by-design principles, using automated tools for code review, and using indirect reference maps to protect against IDOR flaws.

Arrow Right

Schedule a test

Our insights

Verified Security Tests

Protect your endpoints

Subscribe to alerts

July 27, 2023

Insights by Prelude

Authorization vulnerabilities, such as IDOR, are often discovered through a process known as fuzzing. Fuzzing is a security testing technique that involves automated input of various unexpected data to identify weaknesses in a web application's input validation and processing mechanisms. Because fuzzing is used to identify vulnerable applications, endpoint defenses should aim to detect it occurring both locally and remotely. If a fuzzing process is started on the same host as an EDR, the defense should stop the process immediately. This commonly occurs when an adversary (or insider threat) is running their attack from inside your network. If the fuzzing process is started from outside the perimeter, the EDR will need to detect it through the increase in network traffic. Fuzzing generates a large volume of connections against the server - often to the tune of tens of thousands in just a few seconds. While the firewall should also protect against a fuzzing attack, an EDR should act as the last-line of defense.

See if you are protected against this advisory

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories

AdvisoryAdvisoryCISAAA23-263A

September 20, 2023

#StopRansomware: Snatch Ransomware

AdvisoryAdvisoryCISAAA23-250A

September 7, 2023

CVE-2022-47966 and CVE-2022-42475

AdvisoryAdvisoryCISAAA23-242A

August 30, 2023

QakBot malware evolving

See all advisories

Arrow Right
VisionAdvisoriesOperatorDetectCareersCompany
SupportPressDocumentationPodcastBlogGitHub
Privacy PolicyDetect – TermsTechnical & Organizational MeasuresList of Prelude Sub-ProcessorsStandard Contractual ClausesData Privacy FAQ
Get Started

©2023 Prelude Research, Inc. All rights reserved.
Prelude, its logo and other trademarks are trademarks of Prelude Research, Inc. and may not be used without permission.

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyAccept

Cookies