Corgea LogoCorgea Security Hub

CWE-767: Access to Critical Private Variable via Public Method

Learn about CWE-767 (Access to Critical Private Variable via Public Method), its security impact, exploitation methods, and prevention guidelines.

What is Access to Critical Private Variable via Public Method?

• Overview: Access to Critical Private Variable via Public Method (CWE-767) involves a public method exposing or modifying a private variable, potentially allowing unauthorized access or modification by attackers.

• Exploitation Methods:

  • Attackers can exploit this by calling public methods that directly or indirectly expose or alter the private variable's value.
  • Common attack patterns include invoking public methods to retrieve sensitive data or to inject unexpected values into private variables.

• Security Impact:

  • Direct consequences include unauthorized access to sensitive information and unexpected behavior in the application.
  • Potential cascading effects involve breaking assumptions in other parts of the code, leading to further vulnerabilities.
  • Business impact can include data breaches, reputation damage, and financial losses due to exploitation.

• Prevention Guidelines:

  • Specific code-level fixes involve ensuring that public methods do not expose or alter critical private variables directly.
  • Security best practices include implementing proper encapsulation, validating inputs, and using access modifiers wisely.
  • Recommended tools and frameworks involve using static analysis tools to detect such vulnerabilities and adopting secure coding practices.
Corgea can automatically detect and fix Access to Critical Private Variable via Public Method in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: C++, C#, Java

Affected Technologies: Not specified

Vulnerable Code Example

C++ Example

#include <iostream>
#include <string>

class UserAccount {
private:
    std::string password; // Critical private variable

public:
    UserAccount(const std::string& pwd) : password(pwd) {}

    // Vulnerable method: public access to critical private variable
    std::string& getPassword() { // Returns a reference to the private variable
        return password; // Allows external modification of the password
    }

    void setPassword(const std::string& pwd) {
        password = pwd;
    }
};

int main() {
    UserAccount user("securepassword123");
    std::cout << "Password: " << user.getPassword() << std::endl; // Accessing private variable directly
    return 0;
}

Explanation:
The UserAccount class exposes the private variable password through the getPassword() method, which returns a reference. This allows external code to both read and modify the password directly, bypassing any intended encapsulation and control mechanisms. Such exposure can lead to unauthorized access or unintended modification of critical data.

How to fix Access to Critical Private Variable via Public Method?

To fix this vulnerability, adhere to the principle of encapsulation by avoiding direct exposure of private or sensitive data through public methods. Instead of providing a direct reference or pointer to the private data, you should:

  1. Return a copy of the data if read access is necessary, ensuring that the original data remains protected.
  2. Ensure that any modifications to the data are made through controlled interfaces, which can validate and sanitize inputs to maintain data integrity.

Fixed Code Example

C++ Example

#include <iostream>
#include <string>

class UserAccount {
private:
    std::string password; // Critical private variable

public:
    UserAccount(const std::string& pwd) : password(pwd) {}

    // Fixed method: return a copy of the password to prevent direct modification
    std::string getPassword() const { // Returns a copy, not a reference
        return password; // Protects the original password from modification
    }

    // Controlled access to modify the password
    void setPassword(const std::string& pwd) {
        if (isValidPassword(pwd)) { // Validate new password before setting
            password = pwd;
        } else {
            std::cerr << "Invalid password format." << std::endl; // Error handling for invalid passwords
        }
    }

private:
    bool isValidPassword(const std::string& pwd) const {
        // Implement password validation logic (e.g., length, complexity)
        return pwd.length() >= 8; // Simplified validation example
    }
};

int main() {
    UserAccount user("securepassword123");
    std::cout << "Password: " << user.getPassword() << std::endl; // Accessing a copy of the password
    return 0;
}

Explanation:
In the fixed code, getPassword() returns a copy of the password using std::string's value semantics, ensuring the original password remains protected from unauthorized modifications. The setPassword() method now includes basic validation logic to ensure that any new password meets the defined criteria before being accepted, enhancing data integrity. This demonstrates a more secure approach to handling sensitive data by adhering to encapsulation principles.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-767: Access to Critical Private Variable via Public Method and get remediation guidance

Start for free and no credit card needed.