J2EE Misconfiguration: Data Transmission Without Encryption

Description

This vulnerability occurs when a J2EE application transmits sensitive data, like login credentials or session tokens, across a network without using strong encryption. Attackers monitoring the network can easily intercept, read, or even alter this information if it's sent in plain text or protected by weak cryptographic methods.

Extended Description

In modern applications, data is constantly moving between clients, servers, and backend systems. When this communication isn't properly secured with protocols like TLS/SSL, it's akin to sending a confidential letter on a postcard—anyone handling it can read the contents. This exposes user data, authentication details, and business information to eavesdropping and manipulation during transit. To prevent this, developers must ensure all sensitive communications are encrypted end-to-end. This means enforcing HTTPS for web traffic, using up-to-date TLS configurations, and avoiding custom or deprecated encryption protocols. Proper implementation acts as a secure tunnel, ensuring data confidentiality and integrity from the point it leaves the client until it reaches the intended server.

Common Consequences 2

Scope: Confidentiality

Impact: Read Application Data

Scope: Integrity

Impact: Modify Application Data

Potential Mitigations 1

Phase: System Configuration

The product configuration should ensure that SSL or an encryption mechanism of equivalent strength and vetted reputation is used for all access-controlled pages.

References 1

Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors

Katrina Tsipenyuk, Brian Chess, and Gary McGraw

NIST Workshop on Software Security Assurance Tools Techniques and Metrics • NIST

07-11-2005

https://samate.nist.gov/SSATTM_Content/papers/Seven%20Pernicious%20Kingdoms%20-%20Taxonomy%20of%20Sw%20Security%20Errors%20-%20Tsipenyuk%20-%20Chess%20-%20McGraw.pdf

ID: REF-6

Applicable Platforms

Languages:

Java : Undetermined

Modes of Introduction

Implementation

Operation

Related Weaknesses

ChildOf:

Cleartext Transmission of Sensitive Information (CWE-319)

Taxonomy Mapping

7 Pernicious Kingdoms

Notes

Other If an application uses SSL to guarantee confidential communication with client browsers, the application configuration should make it impossible to view any access controlled page without SSL. There are three common ways for SSL to be bypassed: - A user manually enters URL and types "HTTP" rather than "HTTPS". - Attackers intentionally send a user to an insecure URL. - A programmer erroneously creates a relative link to a page in the application, which does not switch from HTTP to HTTPS. (This is particularly easy to do when the link moves between public and secured areas on a web site.)