Cross-Site Request Forgery (CSRF)

Property
Language: python
Severity: low
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: Low
Likelihood Level: Low

Description

This view has CSRF protection enabled but is configured to skip the origin check, which weakens its defense against cross-site request forgery attacks. Disabling origin checks can allow unauthorized requests from malicious sites.

Impact

If exploited, an attacker could trick users into performing sensitive actions on your site without their consent, potentially leading to data theft, account compromise, or unauthorized changes. This undermines trust and may expose critical user or organizational data.

Cross-Site Request Forgery (CSRF)

Property
Language: python
Severity: low
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: Low
Likelihood Level: Low

Description

The global CSRF protection in your Pyramid app has been configured with ‘check_origin=False’, which disables automatic verification of the request’s origin. This weakens the defense against cross-site request forgery attacks, especially if an insecure CSRF storage policy is used.

Impact

By disabling origin checking, attackers may be able to trick authenticated users into performing unintended actions on your site. This can lead to unauthorized data changes, exposure of sensitive information, or other malicious activities, putting your users and application at risk.

Cross-Site Request Forgery (CSRF)

Property
Language: python
Severity: low
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
OWASP: A01:2021 - Broken Access Control
Confidence Level: Medium
Impact Level: Low
Likelihood Level: Low

Description

The global CSRF (Cross-Site Request Forgery) protection in your Pyramid application has been disabled by setting ‘require_csrf=False’ in the configuration. This means that incoming requests are not checked for valid CSRF tokens, leaving endpoints unprotected.

Impact

Without CSRF protection, attackers can trick authenticated users into performing unwanted actions (like changing account settings or making transactions) without their consent. This can lead to unauthorized access, data manipulation, or compromise of user accounts, undermining both user trust and application security.

Cross-Site Request Forgery (CSRF)

Property
Language: ruby
Severity: low
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
OWASP: A01:2021 - Broken Access Control
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

The controller does not enable CSRF (Cross-Site Request Forgery) protection using ‘protect_from_forgery’. This leaves the application vulnerable to malicious requests that can be made from other sites without user consent.

Impact

Without CSRF protection, attackers may trick users into performing unwanted actions, such as changing account details or making transactions, while logged in. This can lead to data loss, unauthorized changes, or compromise of sensitive user information.

Cross-Site Request Forgery (CSRF)

Property
Language: ruby
Severity: low
CWE: CWE-352: Cross-Site Request Forgery (CSRF)
OWASP: A01:2021 - Broken Access Control
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Disabling CSRF protection with ‘skip_forgery_protection’ removes safeguards against unauthorized form submissions from malicious websites. This makes it easier for attackers to trick users into performing unwanted actions while logged in.

Impact

If exploited, attackers could force users to perform actions like changing account details or making transactions without their consent. This can lead to account compromise, data loss, or unauthorized access, potentially harming users and the organization.

Cryptographic Issues

Property
Language: csharp
Severity: low
CWE: CWE-310: CWE CATEGORY: Cryptographic Issues
OWASP: A02:2021 - Cryptographic Failures
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Using the X509Certificate2.PrivateKey property is insecure because it is obsolete and can lead to improper handling of private keys. This can leave private keys on disk if not managed correctly, increasing the risk of unauthorized access.

Impact

If private keys are unintentionally left on disk or mishandled, attackers could recover them and compromise encrypted data, impersonate users or services, or undermine authentication mechanisms. This exposes sensitive information and weakens the application’s overall security.

Cryptographic Issues

Property
Language: javascript
Severity: high
CWE: CWE-310: CWE CATEGORY: Cryptographic Issues
OWASP: A02:2021 - Cryptographic Failures
Confidence Level: High
Impact Level: Medium
Likelihood Level: High

Description

The ‘final’ call of a Decipher object is what verifies the authentication tag in an authenticated encryption mode. Failing to call ‘final’ releases the decrypted output without any integrity check, invalidating all integrity guarantees for that data.

Cryptographic Issues

Property
Language: javascript
Severity: medium
CWE: CWE-310: CWE CATEGORY: Cryptographic Issues
OWASP: A02:2021 - Cryptographic Failures
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Medium

Description

The call to ‘createDecipheriv’ with the Galois Counter Mode (GCM) mode of operation is missing an expected authentication tag length. If the expected authentication tag length is not specified or otherwise checked, the application might be tricked into verifying a shorter-than-expected authentication tag. This can be abused by an attacker to spoof ciphertexts or recover the implicit authentication key of GCM, allowing arbitrary forgeries.

Data Factory should have public access disabled (the default is enabled).

Property
Language: terraform
Severity: critical
Service: datafactory
Provider: Azure
Vulnerability Type: omission

Description

Azure Data Factory resources are configured with public network access enabled by default, exposing them to the internet. This setting allows anyone with network access to potentially interact with the Data Factory instance.

Impact

If public access remains enabled, unauthorized users could discover and attempt to access or manipulate Data Factory resources, leading to potential data breaches, service disruption, or unauthorized data movement within the organization’s environment.

Database auditing retention period should be longer than 90 days

Property
Language: terraform
Severity: medium
Service: database
Provider: Azure
Vulnerability Type: misconfiguration

Description

The database auditing policy is configured with a retention period shorter than 90 days, which may result in audit logs being deleted too soon and insufficient historical records for security investigations or compliance purposes.

Impact

Short audit log retention can lead to missing critical evidence during incident response or compliance audits, making it difficult to detect or investigate suspicious activity and potentially resulting in regulatory violations or undetected breaches.