Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
Remote debugging is enabled for this Azure App Service, which can expose sensitive application internals to anyone with access. Enabling remote debugging in production environments increases the risk of unauthorized access.
Impact#
If exploited, attackers could gain remote access to the application’s runtime environment, potentially allowing them to execute arbitrary code, inspect sensitive data, or disrupt service operation. This can lead to data breaches, service downtime, and compromise of organizational assets.