Infosec glossary entry

IDOR

IDOR:
Insecure Direct Object Reference

Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper access control.
IDOR can lead to attackers bypassing authentication and accessing resources, accounts, and modifying some data.
IDOR is often leveraged for horizontal movement, but vertical movement is also possible.
https://www.nuharborsecurity.com/web-application-security-insecure-direct-object-reference-idor

Related entries

Share 0
Tweet 0
Share 0

By jean-christoph

January 22, 2022

coding, threathunting
Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

this might interest you as well

compliance, ethics, infosec, security awareness, security culture, security policy

Unlock Effective Cybersecurity: Simplify Policies with the Clarity of the OSI Model

ethics, Psychologie, security awareness, security culture

Leveraging Psychology in Cybersecurity: Strategies for SMEs

awareness training, ethics, phishing, phishing simulations, security awareness, security culture

Ethical considerations in phishing tests: to inform employees or not?