Description
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Potential Impact
Confidentiality
Read Application Data
Mitigations & Prevention
Protect information stored in cache.
Use a restrictive caching policy for forms and web pages that potentially contain sensitive information, such as "no-cache" in the Cache-Control header.
Do not store unnecessarily sensitive information in the cache.
Consider using encryption in the cache.
Real-World CVE Examples
| CVE ID | Description |
|---|---|
| CVE-2024-30127 | Product does not set the "no-cache" option in the HTTP Cache-Control, allowing sensitive information to be cached |
| CVE-2024-45314 | Login form for an application development framework does not set "no-cache" and other options in the HTTP Cache-Control header, allowing sensitive information to be cached |
Related Weaknesses
Taxonomy Mappings
- OWASP Top Ten 2004: A2 — Broken Access Control
- OWASP Top Ten 2004: A3 — Broken Authentication and Session Management
Frequently Asked Questions
What is CWE-525?
CWE-525 (Use of Web Browser Cache Containing Sensitive Information) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
How can CWE-525 be exploited?
Attackers can exploit CWE-525 (Use of Web Browser Cache Containing Sensitive Information) to read application data. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-525?
Key mitigations include: Protect information stored in cache.
What is the severity of CWE-525?
CWE-525 is classified as a Variant-level weakness (Low-Medium abstraction). It has been observed in 2 real-world CVEs.