Cache lookup variable is overwritten

Severity
Low
Applies to
Step
Links
CWE-472

Why This Issue Is Important

Using the same variable to store results from different cache lookups can lead to data inconsistencies. For example, if one cache lookup assigns its result to cacheLookupResult, and then another cache lookup overwrites this variable, the response sent to the client could contain data from an unexpected source. This can affect both data confidentiality and integrity.

How This Issue Is Detected

The issue is detected by checking if multiple cache policies use the same AssignTo variable for different CacheResource references within the same flow phase. If a variable is reused for storing lookup results from different cache resources, it raises a potential data consistency concern.

How to Fix the Issue

Ensure that each cache lookup uses a unique variable for the AssignTo attribute when interacting with different cache resources. This prevents overwriting issues and maintains the integrity of the data being processed and returned to the client.