Password Recovery Destination Manipulation via Session Puzzling
Variants: Direct
Also Known As: Session Variable Overloading
Vector Type: Attack
Relevance: Generic
Layer: Application-Level
Platforms: Any
Target Type: Application
Affected Mechanisms: Session Management
Invented In: 01/05/2011
Added In: 04/12/2014
Vector Operation Method:
Attackers can abuse credential recovery mechanisms by forcing access to, and running session-poisoning sequences against, other components that overwrite the session variable holding the recovery destination attribute. A typical example is a password recovery mechanism used concurrently with a registration process or a profile update feature, either of which may overwrite session-stored phone numbers, email addresses, and other recovery destinations.
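As an added illustration (not code from this catalogue entry), a minimal Python model of the interleaving described above: the shared-key session handling that lets a profile update overwrite the recovery destination, beside a hardened variant that scopes each flow's session state and re-derives the destination from the account record at send time. The account store and addresses are constructed sample values.

```python
# Constructed in-memory account store standing in for the application's user table.
ACCOUNTS = {"alice": {"email": "alice@example.test"}}


# --- Vulnerable design: both flows write the same generic session key ---
def start_recovery_vulnerable(session, username):
    # Recovery step 1 stores the destination address itself under "email".
    session["email"] = ACCOUNTS[username]["email"]


def update_profile_vulnerable(session, new_email):
    # Profile update stages its not-yet-verified value under the SAME key
    # (session variable overloading); nothing has been validated yet.
    session["email"] = new_email


def send_recovery_vulnerable(session):
    # Recovery step 2 trusts whatever the session holds now.
    return session.get("email")


# --- Hardened design: flow-scoped keys, destination looked up at send time ---
def start_recovery_hardened(session, username):
    # Keep only a flow-scoped reference to the account, never the address.
    session["pwreset.username"] = username


def update_profile_hardened(session, new_email):
    # Flow-scoped key: cannot collide with the recovery flow's state.
    session["profile.pending_email"] = new_email


def send_recovery_hardened(session):
    # Consume the flow state (one-shot) and re-derive the destination from
    # the persistent account record, not from anything another flow could set.
    username = session.pop("pwreset.username", None)
    if username is None:
        return None
    return ACCOUNTS[username]["email"]


def interleaved_run(start, update, send, pending="unverified@example.test"):
    # The sequence from the entry: begin recovery, touch the profile-update
    # feature mid-flow, then let recovery send. Returns where the token goes.
    session = {}
    start(session, "alice")
    update(session, pending)
    return send(session)
```

Running both variants through `interleaved_run` shows the vulnerable flow sending the token to the unverified address and the hardened flow sending it to the address on record.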