What is Cookie Poisoning?
Cookie poisoning refers to the manipulation of a cookie for the purposes of posing as another user when communicating with web servers.
By manipulating cookies, a hacker is able to gain access to user identity information and/or facilitate the unauthorized exfiltration of data from web servers.
Cookies are usually populated in client devices by web servers when clients access them. Cookies are used for authenticating user access by storing tokens that are presented with a subsequent client request to servers. This speeds up access to protected web content and resources as the tokens are used to prove authentication and authorization of client devices as opposed to having to authenticate upon sending each and every request. Cookies also allow for the personalization of the content delivered to clients.
An application delivery controller can be configured to inspect cookies and encrypt sensitive information when cookies pass between client and server. This protects the cookie content from being exposed to unauthorized personnel. In the case that a hacker is still able to harvest cookies, cookies can also be digitally signed at an ADC so that if the cookie is altered, as part of an attack by a hacker, it will become invalidated. The digital signature generated by the altered or manipulated cookie will no longer match the signature on record with the ADC and requests using such a cookie will be rejected.