Corgea LogoCorgea Security Hub

CWE-638: Not Using Complete Mediation

Learn about CWE-638 (Not Using Complete Mediation), its security impact, exploitation methods, and prevention guidelines.

What is Not Using Complete Mediation?

• Overview: Not Using Complete Mediation (CWE-638) occurs when a system fails to perform access checks every time a resource is accessed, leading to security vulnerabilities if an entity's rights or privileges change over time.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by accessing resources with outdated or escalated privileges.
  • Common attack patterns include session hijacking and exploiting cached access controls.

• Security Impact:

  • Direct consequences include unauthorized access to sensitive data or system resources.
  • Potential cascading effects can lead to privilege escalation and data breaches.
  • Business impact may involve data loss, reputation damage, and compliance violations.

• Prevention Guidelines:

  • Specific code-level fixes include implementing access control checks on each access request.
  • Security best practices involve using centralized and consistent access control mechanisms.
  • Recommended tools and frameworks include those that provide robust authentication and authorization controls, such as OAuth and RBAC libraries.
Corgea can automatically detect and fix Not Using Complete Mediation in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

class FileServer:
    def __init__(self):
        self.user_permissions = {}  # Dictionary to store user permissions

    def set_permission(self, user_id, permission):
        """Set permission for a user"""
        self.user_permissions[user_id] = permission

    def access_file(self, user_id, file_name):
        # Vulnerability: Access check is performed only once and relies on outdated information
        if user_id in self.user_permissions:
            if self.user_permissions[user_id] == "read":
                return f"{user_id} is reading the file {file_name}"
            elif self.user_permissions[user_id] == "write":
                return f"{user_id} is writing to the file {file_name}"
        return "Access Denied"

# Simulating a change in user permissions after the initial check
server = FileServer()
server.set_permission("user1", "read")
print(server.access_file("user1", "file.txt"))  # Initial check passes
server.set_permission("user1", "none")  # Change permission, but access is still granted incorrectly
print(server.access_file("user1", "file.txt"))  # Access is still incorrectly granted

Explanation

In this vulnerable code example, the access control check is not performed dynamically. The permissions are checked once and assumed to remain constant during the session, leading to a situation where changes in permissions are not respected if they occur after the initial check. This is a classic example of not using complete mediation, where the system fails to enforce access controls consistently.

How to fix Not Using Complete Mediation?

To fix this vulnerability, the code should ensure that access control checks are enforced every time a resource is accessed. This means dynamically checking the user's permissions at the point of access to ensure any changes are immediately respected.

Fixed Code Example

class FileServer:
    def __init__(self):
        self.user_permissions = {}  # Dictionary to store user permissions

    def set_permission(self, user_id, permission):
        """Set permission for a user"""
        self.user_permissions[user_id] = permission

    def access_file(self, user_id, file_name):
        # Fix: Always check permissions dynamically at the point of access
        permission = self.user_permissions.get(user_id, "none")
        if permission == "read":
            return f"{user_id} is reading the file {file_name}"
        elif permission == "write":
            return f"{user_id} is writing to the file {file_name}"
        return "Access Denied"

# Properly enforced access control
server = FileServer()
server.set_permission("user1", "read")
print(server.access_file("user1", "file.txt"))  # Initial check passes
server.set_permission("user1", "none")  # Change permission
print(server.access_file("user1", "file.txt"))  # Access is denied as expected

Explanation

In the fixed code example, the access_file method now retrieves the user's current permissions every time a file is accessed. This ensures that any updates to permissions are immediately respected, preventing unauthorized access and aligning with security best practices for complete mediation. This approach dynamically checks permissions, ensuring that the system always operates with the most current data.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-638: Not Using Complete Mediation and get remediation guidance

Start for free and no credit card needed.