StackHawk Documentation

Username Hash Found

Reference
Plugin ID: 10057
CWE: 284
WASC: 2
Unknown
Passive
Access Control

Remediation

  1. Use indirect object references: Replace direct username hashes with session-specific indirect references or UUIDs.
  2. Implement authorization checks: Add proper authorization validation before accessing any user-specific resources.
  3. Remove unnecessary exposure: Eliminate username hashes from responses unless absolutely required for functionality.
  4. Use per-user tokens: Generate unique, non-predictable tokens for user identification instead of username-based hashes.
  5. Regular security testing: Conduct IDOR testing to ensure proper access controls are in place.
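To make remediation items 1, 2 and 4 concrete, here is an added example (not StackHawk's code and not the scan rule's): a lookup that trusts a username hash from the request, beside a hardened version that issues random per-session indirect references and checks ownership before returning anything. The profile store, the `Session` class and all sample data are constructed for this illustration.

```python
import hashlib
import secrets
from typing import Dict, Optional

# Constructed sample data: profiles keyed by user id.
PROFILES = {"alice": {"email": "alice@example.test"},
            "bob": {"email": "bob@example.test"}}


def username_hash(username: str) -> str:
    """Predictable identifier: anyone who knows the username can compute it."""
    return hashlib.md5(username.encode()).hexdigest()


def vulnerable_profile(hash_param: str) -> Optional[dict]:
    """'Before': the request parameter is used as a direct object reference and
    nothing verifies that it belongs to the caller (the IDOR this rule flags)."""
    for user, profile in PROFILES.items():
        if username_hash(user) == hash_param:
            return profile
    return None


class Session:
    """Hardened: per-session map of opaque token -> user id. Tokens are random,
    unguessable, and meaningless outside the session that issued them."""

    def __init__(self, user: str):
        self.user = user
        self._refs: Dict[str, str] = {}

    def reference_for(self, user: str) -> str:
        """Issue an indirect reference instead of exposing a username hash."""
        token = secrets.token_urlsafe(16)
        self._refs[token] = user
        return token

    def hardened_profile(self, ref: str) -> Optional[dict]:
        """Resolve the reference, then enforce the authorization check."""
        owner = self._refs.get(ref)            # forged/foreign token -> no object
        if owner is None or owner != self.user:  # caller may only read own data
            return None
        return PROFILES[owner]
```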

About

Username hash discovery occurs when applications expose hashed usernames in responses, URLs, or API calls. This can indicate potential Insecure Direct Object Reference (IDOR) vulnerabilities where attackers might manipulate these hashes to access other users' data or functionality.

Risks

Medium

Username hash exposure can enable IDOR attacks, allowing unauthorized access to other users' accounts, data, or functionality by manipulating predictable user identifiers in requests.
