Test case 52935

Deprecated test case

This version contains mistakes, making it deprecated. Deprecated test cases should not be used for new work. However, They remain in the SARD as a reference to redo previous work.

Type: source code
State: mixed
Status: deprecated
Language: Java
Submission Date: 08 Apr 2011

Description

CWE: 315 Storing plaintext data in a cookie
BadSource: Plaintext Credentials
GoodSource: Hashed Credentials
Sinks:
GoodSink: add hashed credentials to cookie
BadSink : add plaintext credentials to cookie
Flow Variant: 02 Control flow: if(true) and if(false)

Flaws

CWE-315 Cleartext Storage of Sensitive Information in a Cookie

Test Suites

Juliet Java 1.0
Juliet Java 1.0 with extra support

Documentation

Juliet v1.0 for Java cases.pdf

Have any comments on this test case? Please, send us an email.