5.1 Security Considerations for Implementers
The protocol is vulnerable to a hijacking attack in which the attacker guesses the value of the ConfigurationId (as specified in section 3.1.5.1), JobId, and/or ModuleName, ModuleVersion (as specified in section 3.2.5.1), and the TCP port number used by the client. This approach works because the attacker can establish its own TCP connection to the server and send a request by using the victim's ConfigurationId, JobId, and/or ModuleName, ModuleVersion value. To mitigate the attack, make ConfigurationId and JobId random values. Also, if HTTP access authentication is used, the server ought to authenticate access at least once on each new URL or TCP connection.