The main reason for this vulnerability is the multi-threading of the system. A "Race Condition" vulnerability occurs when systems designed to perform a specific task are trying to perform 2 or more operations at the same time, because the system is forced. It actually happens by circumventing some kind of security measure.
The security measure is circumvented with the request sent again within the time the security measure of the first sent request is tried to be taken.
Race Condition is a data integrity error that causes great cost, especially in transactional systems. The race condition vulnerability is very difficult to spot on unscaled systems. Because the race condition vulnerability is an error that occurs as a result of scaling itself and does not show a deterministic feature.
Where Can a "Race Condition" Occur?
Most software programs are multi-threaded, meaning they can handle several threads simultaneously. A well-programmed application will ensure that each thread's results are processed in the expected order. If a program relies on threads running in an unpredictable order, a race condition can occur.
- Like or Dislike
- don't subscribe
- Bank withdrawal or deposit
And in similar parts, the functions of following, subscribing, liking or disliking can be used thousands of times with a single account.
Latest Updates on Mar 11, 2022