Description
The product relies on one source of data, preventing the ability to detect if an adversary has compromised a data source.
To operate successfully, a product sometimes has to implicitly trust the integrity of an information source. When the information is signed, a verified signature shows that the data was not tampered with in transit; it does not show that the source itself was uncompromised when it answered the request, because a compromised source can sign whatever it chooses to send. By requesting the same information from multiple independent sources, the product can check whether all of the answers agree. If they do not, the system should report the sources that respond with a different or minority value as potentially compromised. If there are not enough answers to establish a majority or plurality, the system should report all of the sources as potentially compromised. As the seriousness of acting on an incorrect value increases, so should the number of independent sources that must be queried and must agree.
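The correlation rule described above, as an added example that is not part of the CWE entry: answers are gathered from several independent sources, the plurality value is accepted only if enough sources agree, minority sources are reported, and when no plurality exists every source is reported. The mirror names, digest values and impact thresholds are constructed for the example.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Correlation:
    consensus: Optional[str]   # agreed value, or None if no trustworthy answer exists
    suspects: List[str]        # sources to report as potentially compromised
    no_answer: List[str]       # sources that did not respond at all


def correlate_sources(responses: Dict[str, Optional[str]], min_agreeing: int) -> Correlation:
    """Cross-check one answer across independent sources.

    responses maps a source name to the value it returned (None if it did not
    answer).  min_agreeing is how many sources must return the same value
    before that value is trusted; raise it as the impact of a wrong value grows.
    """
    if min_agreeing < 2:
        raise ValueError("min_agreeing must be >= 2: one source cannot be cross-checked")
    answered = {s: v for s, v in responses.items() if v is not None}
    silent = sorted(s for s in responses if s not in answered)
    everyone = sorted(responses)

    tally = Counter(answered.values())
    if not tally:
        return Correlation(None, everyone, silent)
    top = max(tally.values())
    leaders = [v for v, c in tally.items() if c == top]
    # A tie means there is no plurality; fewer agreeing answers than required
    # means the quorum was not met.  Either way trust nothing and report every
    # source so incident response can look at all of them.
    if len(leaders) != 1 or top < min_agreeing:
        return Correlation(None, everyone, silent)
    winner = leaders[0]
    suspects = sorted(s for s, v in answered.items() if v != winner)
    return Correlation(winner, suspects, silent)


def choose_min_agreeing(impact: str) -> int:
    """Policy hook: the graver the consequence of a wrong value, the more
    independent sources must agree.  Thresholds are illustrative assumptions."""
    return {"low": 2, "medium": 3, "high": 4}[impact]


# Constructed sample input: the digest of one release artifact as reported by
# four independently operated mirrors (digest values are made up).
MIRROR_ANSWERS = {
    "mirror-a": "sha256:9c1e4b",
    "mirror-b": "sha256:9c1e4b",
    "mirror-c": "sha256:9c1e4b",
    "mirror-d": "sha256:f00dba",   # disagrees: stale, or serving a tampered file
}


def check_release_digest(answers: Dict[str, Optional[str]] = MIRROR_ANSWERS,
                         impact: str = "medium") -> Correlation:
    """Correlate the mirrors' answers and report whatever must be escalated."""
    result = correlate_sources(answers, choose_min_agreeing(impact))
    if result.consensus is None:
        print("no trustworthy answer; report all sources:", result.suspects)
    elif result.suspects or result.no_answer:
        print("agreed on", result.consensus,
              "; report minority:", result.suspects, "silent:", result.no_answer)
    return result


if __name__ == "__main__":
    check_release_digest()                 # 3 of 4 agree: mirror-d is reported
    check_release_digest(impact="high")    # needs 4 agreeing: all four reported
```

The sources must really be independent (different operators, networks and resolvers); if all of them sit behind one CDN or one upstream feed, a single compromise flips every answer at once and the correlation reports nothing.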
Potential Impact
Confidentiality, Integrity
Read Application Data, Modify Application Data, Gain Privileges or Assume Identity
Mitigations & Prevention
Design the system to use a Practical Byzantine fault-tolerant method: request the information from multiple independent sources, verify that the answers agree, and report sources whose answers differ as potentially compromised.
The weakness is introduced by any of the following: failure to use a Practical Byzantine fault-tolerant method when requesting data; lack of a place to report potentially compromised information sources; relying on non-independent information sources for integrity checking; and failure to report information sources that respond in the minority to incident response procedures.
Related Weaknesses
Frequently Asked Questions
What is CWE-1293?
CWE-1293 (Missing Source Correlation of Multiple Independent Data) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product relies on one source of data, preventing the ability to detect if an adversary has compromised a data source.
How can CWE-1293 be exploited?
Attackers can exploit CWE-1293 (Missing Source Correlation of Multiple Independent Data) to read application data, modify application data, gain privileges or assume identity. This weakness is typically introduced during the Architecture and Design, Implementation, and Operation phases of software development.
How do I prevent CWE-1293?
Key mitigations include: design the system to use a Practical Byzantine fault-tolerant method, requesting the information from multiple independent sources to verify the data and reporting sources that disagree as potentially compromised.
What is the severity of CWE-1293?
CWE-1293 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.