Scope: Access Control / Impact: Gain Privileges or Assume Identity
対策・緩和策
In order to usefully check if a given action is authorized, some means of strong authentication and method protection must be used. Use other means of authorization that cannot be simply spoofed. Possibilities include a username/password or certificate.