CWE-766: Critical Data Element Declared Public

Learn about CWE-766 (Critical Data Element Declared Public), its security impact, exploitation methods, and prevention guidelines.

What is Critical Data Element Declared Public?

• Overview: CWE-766 occurs when a critical data element, such as a variable, field, or member, is declared public in the code, contrary to security policies that require it to be private. This can lead to unintended access and potential misuse of sensitive data.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by accessing the public data element and manipulating or extracting sensitive information.
  • Common attack patterns include unauthorized reads, unintended data modification, or using the exposed data to escalate privileges.

• Security Impact:

  • Direct consequences of successful exploitation include unauthorized access to critical data, leading to data breaches or corruption.
  • Potential cascading effects include increased difficulty in maintaining the product, which can introduce new vulnerabilities.
  • Business impact may involve loss of customer trust, legal repercussions, and financial damage due to data misuse.

• Prevention Guidelines:

  • Specific code-level fixes include reviewing and modifying access modifiers to ensure critical data elements are private.
  • Security best practices involve conducting regular code reviews and implementing consistent access control policies.
  • Recommended tools and frameworks include static analysis tools that can detect access control issues, and adopting frameworks that enforce encapsulation and data hiding principles.

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: C++, C#, Java

Affected Technologies: Not specified

Vulnerable Code Example

```cpp
#include <iostream>
#include <string>

class UserAccount {
public:
    // A critical data element, such as a password, is declared public.
    // This allows any part of the program to access and modify it,
    // potentially leading to security issues.
    std::string password; // Critical data element exposed

    UserAccount(const std::string& pwd) : password(pwd) {}

    // Function to display the password (for demonstration purposes only)
    void displayPassword() const {
        std::cout << "Password: " << password << std::endl;
    }
};

int main() {
    UserAccount user("12345");
    user.displayPassword();
    // Potentially insecure access to the critical data element.
    std::cout << "Direct access: " << user.password << std::endl; // Direct access to password
    return 0;
}
```

How to fix Critical Data Element Declared Public?

Fixed Code Example

```cpp
#include <iostream>
#include <string>

class UserAccount {
private:
    // The password is now a private member, protecting it from unauthorized access
    std::string password; // Critical data element is now private

public:
    UserAccount(const std::string& pwd) : password(pwd) {}

    // Method to change the password with potential security checks
    void setPassword(const std::string& newPassword) {
        // Add validation logic here if needed, such as checking password strength
        password = newPassword;
    }

    // Method to verify password, or retrieve it securely if necessary
    bool verifyPassword(const std::string& inputPassword) const {
        // This example just checks for equality, but you could implement hashing
        return password == inputPassword;
    }

    // Function to safely display a message instead of the actual password
    void displayPassword() const {
        std::cout << "Password is set and secure." << std::endl; // No sensitive information exposed
    }
};

int main() {
    UserAccount user("12345");
    user.displayPassword();
    // Direct access is no longer possible, improving security
    // std::cout << "Direct access: " << user.password << std::endl; // Direct access prevented
    return 0;
}
```

In the fixed example, the password is declared as a private member of the UserAccount class, and access is controlled through the setPassword and verifyPassword methods. The displayPassword method is changed so that it no longer prints the password. Code outside the class can no longer read or modify the critical data element directly, which secures the application against that form of misuse.
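One way to keep a critical field from drifting back to public is a compile-time check that fails the build. The following is an added example, not part of the original page or Corgea's tooling; the macro, the sample classes and the apiToken field are hypothetical names, and the probe generalizes from password to any named member.

```cpp
#include <iostream>
#include <string>
#include <type_traits>
#include <utility>

// Generates exposes_<member><T>(): true when code outside T can name T::<member>.
// Access checks take part in SFINAE (C++11 onward), so private members drop out.
#define DEFINE_EXPOSURE_PROBE(member) \
    template <class T> \
    auto probe_##member(int) \
        -> decltype((void)std::declval<T&>().member, std::true_type{}); \
    template <class T> \
    std::false_type probe_##member(...); \
    template <class T> \
    constexpr bool exposes_##member() { \
        return decltype(probe_##member<T>(0))::value; \
    }

DEFINE_EXPOSURE_PROBE(password)
DEFINE_EXPOSURE_PROBE(apiToken)

// Constructed sample types; all names here are hypothetical.
struct LegacyAccount {  // same layout as the vulnerable example
    std::string password;
    explicit LegacyAccount(std::string p) : password(std::move(p)) {}
};

class HalfFixedAccount {  // password hidden, second secret still public
    std::string password;
public:
    std::string apiToken;
    HalfFixedAccount(std::string p, std::string t)
        : password(std::move(p)), apiToken(std::move(t)) {}
    bool verifyPassword(const std::string& in) const { return password == in; }
};

// Number of critical fields of T reachable from outside the class.
template <class T>
constexpr int exposedCriticalFields() {
    return (exposes_password<T>() ? 1 : 0) + (exposes_apiToken<T>() ? 1 : 0);
}

// Policy gate: compilation fails if the password becomes public again.
static_assert(!exposes_password<HalfFixedAccount>(), "password must stay private");

int main() {
    std::cout << "LegacyAccount exposed fields: " << exposedCriticalFields<LegacyAccount>() << "\n"
              << "HalfFixedAccount exposed fields: " << exposedCriticalFields<HalfFixedAccount>() << "\n";
}
```

Placing a static_assert like this next to each reviewed class turns the access-modifier policy into a build failure instead of a code-review finding.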
