
The designer will ensure the application has no canonical representation vulnerabilities.


Overview

Finding ID: V-16812
Version: APP3600
Rule ID: SV-17812r1_rule
IA Controls: DCSQ-1
Severity: Medium
Description
Canonical representation issues arise when the name of a resource is used to control resource access. There are multiple methods of representing resource names on a computer system. An application relying solely on a resource name to control access may incorrectly make an access control decision if the name is specified in an unrecognized format.
STIG: Application Security and Development Checklist
Date: 2014-12-22

Details

Check Text (C-17810r1_chk)
Ask the application representative for code review or scan results from the entire application. This can be provided as results from an automated code review or a vulnerability scanning tool. See section 5.4 of the Application Security and Development STIG for additional details.

If the results are provided from a manual code review, the application representative will need to demonstrate how canonical representation vulnerabilities are identified during code reviews.

1) If the results are not provided, or the application representative cannot demonstrate how manual code reviews are performed to identify canonical representation vulnerabilities, this is a finding.

Examples of canonical representation vulnerabilities can be obtained from the OWASP website.
Fix Text (F-17111r1_fix)
Protect against canonical representation attacks.
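The following is an added example illustrating both the Description above (an access decision made on a resource name that can be written several ways) and this Fix Text; it is not part of the STIG or the UCF viewer page. The root directory `/srv/app/public`, the sample request strings and the function names (`is_allowed_naive`, `canonicalize`, `is_allowed_canonical`) are constructed for the illustration. The weak check compares the name exactly as supplied; the hardened check first reduces every supplied form (percent-encoded, double-encoded, `.`/`..` segments, repeated separators) to one canonical form and only then compares.

```python
import posixpath
from urllib.parse import unquote

# Constructed example: the only directory the application is meant to serve from.
ALLOWED_ROOT = "/srv/app/public"


def is_allowed_naive(requested: str) -> bool:
    """Weak check: decides on the name exactly as the caller wrote it.

    Any request that merely *begins* with the allowed root passes, even if
    later '..' segments or encoded characters change where it really points.
    """
    return requested.startswith(ALLOWED_ROOT + "/")


def canonicalize(requested: str) -> str:
    """Reduce a requested resource name to a single canonical absolute path.

    1. Percent-decode repeatedly until the string stops changing, so that
       double-encoded forms such as %252e collapse to the same result as '.'.
    2. Normalise '.', '..' and duplicated separators with posixpath so the
       result is platform independent (no filesystem access is needed).
    3. Interpret relative names as relative to ALLOWED_ROOT.
    """
    decoded = requested
    for _ in range(3):  # bounded so a malformed input cannot loop forever
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    canonical = posixpath.normpath(decoded)
    if not canonical.startswith("/"):
        canonical = posixpath.normpath(posixpath.join(ALLOWED_ROOT, canonical))
    return canonical


def is_allowed_canonical(requested: str) -> bool:
    """Hardened check: compare only after canonicalization.

    The trailing '/' in the prefix test keeps a sibling such as
    /srv/app/public_old from matching /srv/app/public.
    """
    canonical = canonicalize(requested)
    return canonical == ALLOWED_ROOT or canonical.startswith(ALLOWED_ROOT + "/")


def review(requests):
    """Return (request, naive decision, canonical decision) for each input,
    which is the comparison a code reviewer would want to see side by side."""
    return [(r, is_allowed_naive(r), is_allowed_canonical(r)) for r in requests]


if __name__ == "__main__":
    # Constructed sample requests: several spellings of the same or of
    # out-of-root resources.
    samples = [
        "/srv/app/public/index.html",
        "/srv/app/public//css/./site.css",
        "/srv/app/public%2Findex.html",
        "index.html",
        "/srv/app/public/../../etc/passwd",
        "/srv/app/public/%2e%2e/%2e%2e/%2e%2e/etc/passwd",
        "/srv/app/public/%252e%252e/secret",
        "/srv/app/public_old/x",
    ]
    for request, naive, canonical in review(samples):
        print(f"{request!r:55} naive={naive!s:5} canonical={canonical}")
```

Running the block prints one line per sample: the naive check accepts the three out-of-root spellings because they begin with the allowed prefix, and rejects two legitimate spellings (`%2F` and the relative name) that it does not recognise; the canonical check decides each of them correctly. On a real filesystem the canonical form should additionally be resolved with `os.path.realpath` so that symbolic links, which this offline example does not model, are also collapsed before the comparison.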