Which of the following are security weaknesses in this example?

A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:

POST http://www.example.com/resources/NewBankAccount HTTP/1.1

Content-type: application/json

{

"account":

{ "creditAccount":"Credit Card Rewards account"}

{ "salesLeadRef":"www.example.com/badcontent/exploitme.exe"}

],

"customer":

{ "name":"Joe Citizen"}

{ "custRef":"3153151"}

Questions & Answers PDF

}

The banking website responds with:

HTIP/1.1 200 OK

{

}

"newAccountDetails":

{ "cardNumber":"1234123412341234"}

{ "cardExpiry":"2020-12-31"}

{ "cardCVV":"909"}

],

"marketingCookieTracker":"JSESSION1D=000000001"

"returnCode":"Account added successfully"

Which of the following are security weaknesses in this example? (Select TWO).
A . Missing input validation on some fields
B . Vulnerable to SQL injection
C . Sensitive details communicated in clear-text
D . Vulnerable to XSS
E . Vulnerable to malware file uploads
F . JSON/REST is not as secure as XML

View Answer

Answer: A, C

Explanation:

The SalesLeadRef field has no input validation. The penetration tester should not be able to enter "www.example.com/badcontent/exploitme.exe" in this field.

The credit card numbers are communicated in clear text which makes it vulnerable to an attacker.

This kind of information should be encrypted.

Incorrect Answers:

B: There is nothing to suggest the system is vulnerable to SQL injection.

D: There is nothing to suggest the system is vulnerable to XSS (cross site scripting).

E: Although the tester was able to post a URL to malicious software, it does not mean the system is vulnerable to malware file uploads.

F: JSON/REST is no less secure than XML.