CWE-1385Missing Origin Validation in WebSockets

Description

The product uses a WebSocket, but it does not properly verify that the source of data or communication is valid.

[object Object]

Common consequences

• Confidentiality,Integrity,Availability,Non-Repudiation,Access Control→Varies by Context,Gain Privileges or Assume Identity,Bypass Protection Mechanism,Read Application Data,Modify Applicatio
  The consequences will vary depending on the nature of the functionality that is vulnerable to CSRF. An attacker could effectively perform any operations as the victim. If the victim is an administrator or privileged user, the consequences m

Potential mitigations

• Implementation
  Enable CORS-like access restrictions by verifying the 'Origin' header during the WebSocket handshake.
• Implementation
  Use a randomized CSRF token to verify requests.
• Implementation
  Use TLS to securely communicate using 'wss' (WebSocket Secure) instead of 'ws'.
• Architecture and Design,Implementation
  Require user authentication prior to the WebSocket connection being established. For example, the WS library in Node has a 'verifyClient' function.
• Implementation
  Leverage rate limiting to prevent against DoS. Use of the leaky bucket algorithm can help with this.
• Implementation
  Use a library that provides restriction of the payload size. For example, WS library for Node includes 'maxPayloadoption' that can be set.
• Implementation
  Treat data/input as untrusted in both directions and apply the same data/input sanitization as XSS, SQLi, etc.

Related CWEs

Recent CVEs classified under this CWE