14. What is a logic vulnerability? Name at least three types of business logic vulnerabilities and how to remediate them.
Definition
A logic vulnerability refers to a flaw caused by lax program logic or overly complex logic, resulting in some logical branches failing to execute correctly or executing erroneously.
Payment Vulnerabilities
- Price manipulation
- Payment status modification
- Quantity integer overflow
- Order substitution
- Payment gateway switching
- Rounding manipulation
- Privilege-escalation payment
Login Vulnerabilities
- Status flag modification
- Bypassing verification during password changes
Password Recovery Vulnerabilities
- Allowing brute-force attacks on passwords
- Existence of a universal recovery token
- Ability to skip verification steps
- Recovery tokens can be intercepted
Authentication Vulnerabilities
- Session fixation attacks
- Cookie impersonation (once Session or Cookie is obtained, user identity can be forged)
CAPTCHA Vulnerabilities
- Allowing brute-force attacks on the CAPTCHA
- Bypassing via JavaScript or packet modification