
Missing Cache-Control

Description

Cache-Control is an HTTP response header that tells browsers and intermediate caches (proxies, CDNs) whether and for how long a response may be stored and reused. When this header is missing or not properly configured, responses containing sensitive data may be stored in caches longer than intended, potentially exposing them to unauthorized parties such as other users of a shared machine or a shared proxy. An attacker with access to such a cache can retrieve private information or outdated data. Moreover, failing to control caching behavior can allow malicious entities to tamper with or replay old responses. Overall, the absence of a suitable Cache-Control policy undermines data protection and can lead to further attacks such as session hijacking or credential theft.

Remediation

Implement a proper Cache-Control header (e.g., 'no-store', 'no-cache', 'private', or 'max-age=0') chosen according to the sensitivity of the data and the desired caching strategy; responses carrying authenticated or personal data should use 'no-store'. Ensure this header is consistently set across all endpoints, including static resources and dynamic responses. If you use a reverse proxy or CDN, configure it to honor the Cache-Control directives sent by the origin and to prevent unwanted caching of content. Consider employing a Web Application Firewall (WAF) or network-level firewall rules to monitor and block suspicious requests related to caching abuse. Regularly review your caching settings and integrate them into your patch management and security hardening processes to minimize the risk of data leakage.
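The following is an added example, not part of the original entry: a small Python audit that parses a response's Cache-Control header into its directives and reports when a response marked as sensitive could still be stored by a browser or shared cache. The policy it enforces (sensitive responses must carry 'no-store', must not be 'public', and must not carry a non-zero 'max-age') is an assumption made for this example, as are the constructed sample responses at the bottom.

```python
"""Audit Cache-Control headers on HTTP responses.

Added example (not from the original entry). Parses the Cache-Control
header and flags responses that may be cached although they carry
sensitive data. The sample responses below are constructed for the demo.
"""
from typing import Dict, List, Optional


def parse_cache_control(value: Optional[str]) -> Dict[str, Optional[str]]:
    """Split a Cache-Control value into a {directive: argument} map.

    Directive names are case-insensitive and are lower-cased; arguments
    are kept verbatim with surrounding quotes stripped. A missing or
    empty header yields an empty map.
    """
    directives: Dict[str, Optional[str]] = {}
    if not value:
        return directives
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, has_arg, arg = part.partition("=")
        key = name.strip().lower()
        directives[key] = arg.strip().strip('"') if has_arg else None
    return directives


def audit_cache_control(headers: Dict[str, str], sensitive: bool) -> List[str]:
    """Return a list of findings; an empty list means the policy is met.

    Header lookup is case-insensitive. For responses carrying sensitive
    data (authenticated pages, tokens, personal data) the policy assumed
    here requires 'no-store'; anything weaker is reported. Non-sensitive
    responses only need the header to be present.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    raw = lower.get("cache-control")
    findings: List[str] = []

    if raw is None:
        findings.append("Cache-Control header missing")
        if sensitive:
            findings.append("sensitive response may be stored by browser or proxy caches")
        return findings

    if not sensitive:
        return findings

    d = parse_cache_control(raw)
    if "no-store" in d:
        # no-store forbids storage; only a contradictory 'public' is worth noting.
        if "public" in d:
            findings.append("'public' contradicts 'no-store'; remove it")
        return findings

    findings.append("sensitive response lacks 'no-store'")
    if "public" in d:
        findings.append("'public' allows shared caches to store the response")
    max_age = d.get("max-age")
    if max_age not in (None, "0"):
        findings.append(f"max-age={max_age} permits reuse of a sensitive response")
    return findings


if __name__ == "__main__":
    # Constructed sample responses: (label, headers, carries sensitive data?)
    samples = [
        ("account page, no header", {"Content-Type": "text/html"}, True),
        ("account page, hardened", {"Cache-Control": "no-store, max-age=0"}, True),
        ("account page, shared cache", {"cache-control": "public, max-age=3600"}, True),
        ("logo.png", {"Cache-Control": "public, max-age=86400"}, False),
    ]
    for label, hdrs, sens in samples:
        result = audit_cache_control(hdrs, sens)
        print(f"{label}: {'OK' if not result else '; '.join(result)}")
```

Run the module directly to see the verdict for each constructed sample; in a real pipeline the `headers` argument would come from a crawler or the test client of the application under review, and `sensitive` from an inventory of endpoints that serve authenticated or personal data.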

References

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
https://owasp.org/www-project-secure-headers/#cache-control

Severity

MEDIUM

OWASP

Code: A05:2021

Category: Security Misconfiguration

Classification

CWE-525
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

6.1

CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

6.1