Forced Browsing

Description

Forced browsing occurs when an attacker reaches parts of a web application that are not meant to be accessible to them, simply by requesting the URL directly. The root cause is a missing or incorrect authorization check on the resource or function: the application relies on the page not being linked from the UI instead of on a server-side check, so anyone who guesses or learns the path gets the content. Example: an attacker opens a restricted admin page by typing its URL (e.g., http://example.com/admin) without holding the required privileges.

Remediation

To prevent forced browsing vulnerabilities, take the following actions:

  • Enforce server-side authorization checks on every resource and function, with a deny-by-default policy: a route that has no explicit access rule should be rejected, not served.
  • Use the security framework or library of your stack to enforce access control centrally (middleware, decorators, attributes) rather than hand-written checks scattered inside individual handlers, which are easy to forget on a new route.
  • Regularly audit and test the application for unauthorized access points, for example by requesting every restricted path with no session and with a low-privilege account and flagging any that return a successful response.
  • Ensure that access control is configured consistently in the web server and the application code, so that a path blocked at one layer is not still reachable through another (static files, alternate routes, API aliases).

REST Specific

Asp_net Ensure that all routes in the ASP.NET application are protected by enforcing authorization checks. Use the [Authorize] attribute on controllers and actions; a bare [Authorize] only requires an authenticated user, so for routes restricted to specific users add roles or a policy ([Authorize(Roles = "...")] or [Authorize(Policy = "...")]).
Ruby_on_rails In Ruby on Rails, use before_action callbacks in your controllers to verify that the current user is authorized to access the route. Implement robust authorization frameworks like Pundit or CanCanCan.
Next_js Implement middleware in Next.js to verify user credentials or tokens before processing requests. Ensure consistent application of these checks across all endpoints.
Laravel Use Laravel's built-in middleware to enforce authentication and authorization. Apply the 'auth' middleware to routes that need protection, and use Laravel's gate features for fine-grained access control.
Express_js Protect routes in Express.js using middleware like Passport.js or express-jwt. Ensure that user credentials and permissions are verified before processing requests.
Django Use Django's built-in decorators such as @login_required for function-based views or LoginRequiredMixin for class-based views. These only check that a user is authenticated; for routes restricted to certain users also apply @permission_required or PermissionRequiredMixin so that the required permission is checked on every request.
Symfony Implement access controls in Symfony using the 'security.yaml' configuration file. Use voters or access decision managers to check user permissions before granting access to sensitive routes.
Spring_boot Use Spring Security to authenticate and authorize requests in Spring Boot applications. Protect controller methods with annotations like @PreAuthorize to enforce role-based access control.
Flask Protect Flask routes with decorators such as Flask-Login's @login_required and add a role or permission check in the same decorator layer. Apply the check to every restricted route, not only to state-altering operations: reading an admin-only page without the right privileges is forced browsing too.
Nuxt Implement middleware in Nuxt.js to verify user credentials before granting access to sensitive data or actions. Regularly review and update route permissions.
Fastapi Secure FastAPI routes by integrating security dependencies such as OAuth2 with JWT tokens. Apply these dependencies to route operations to ensure that only authenticated users can access certain functionalities.
Frappe Implement proper access control checks for all routes and resources in the Frappe framework to ensure that only authorized users can access restricted areas.
Genzio Implement strict access controls and authorization checks for all endpoints in the Genzio framework to prevent unauthorized access.
Gin Implement middleware to enforce authorization checks on all routes in the Gin framework.
Gorilla Implement strict access controls and authorization checks for all sensitive resources and endpoints to prevent unauthorized access.
Hapi Implement route-level access control using Hapi's built-in authentication and authorization strategies to ensure that only authorized users can access specific endpoints.
Hono Implement strict access controls and authorization checks for all endpoints in the Hono framework to prevent unauthorized access.
Jersey Implement proper authorization checks for all endpoints and resources in the Jersey framework to prevent unauthorized access.
Koa Implement robust middleware for authorization checks to ensure all routes in the Koa framework are protected against unauthorized access.
Ktor Implement proper authorization checks for all routes and resources in the Ktor application to ensure that only authenticated and authorized users can access sensitive endpoints.
Leptos Implement robust access control checks to ensure that only authorized users can access specific routes and resources in the Leptos framework.
Macaron Implement middleware to enforce strict access controls and validate user permissions for each route in the Macaron framework.
Phoenix Implement robust authorization checks for all routes and actions in the Phoenix framework to ensure that only authorized users can access restricted resources.
Redwoodjs Implement robust access control checks using RedwoodJS's built-in authentication and authorization mechanisms to ensure that only authorized users can access specific routes and resources.
Rocket Implement robust access control checks to ensure that only authorized users can access restricted resources in the Rocket framework.
Sveltekit Implement robust access control checks in SvelteKit by using hooks to verify user permissions before serving protected routes.
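The Remediation steps and the per-framework notes above all come down to the same pattern: a central authorization layer that runs before any handler, fails closed when a route has no declared policy, and is verified by requesting restricted paths as low-privilege identities. The example below is added here and is not Escape's code nor any listed framework's code; it is a framework-agnostic, standard-library-only Python model of that pattern. The Router, Request, User, build_app and audit_forced_browsing names are hypothetical, and the sample application, identities and policy are constructed for the example. Router(deny_by_default=False) reproduces the vulnerable behaviour (a route whose policy was forgotten is served to anyone), and audit_forced_browsing is the check that surfaces it.

```python
"""Deny-by-default route authorization plus a forced-browsing audit.
Added example, not Escape's or any framework's code; Router, Request, User,
build_app and audit_forced_browsing are hypothetical names."""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Iterable, List, Optional, Tuple

PUBLIC = frozenset({"*"})  # sentinel policy: anyone, including anonymous

@dataclass(frozen=True)
class User:
    name: str
    roles: FrozenSet[str] = frozenset()

@dataclass
class Request:
    path: str
    user: Optional[User] = None  # None means unauthenticated

Handler = Callable[[Request], Tuple[int, str]]

@dataclass
class Route:
    handler: Handler
    allowed_roles: Optional[FrozenSet[str]]  # None means no policy was declared

class Router:
    def __init__(self, deny_by_default: bool = True) -> None:
        self.routes: Dict[str, Route] = {}
        # False reproduces the forced-browsing bug: a route whose author forgot
        # to declare a policy is served to anyone who knows the URL.
        self.deny_by_default = deny_by_default

    def route(self, path: str, roles: Optional[Iterable[str]] = None):
        """Register a handler with its policy (PUBLIC or a set of role names)."""
        def decorator(fn: Handler) -> Handler:
            self.routes[path] = Route(fn, None if roles is None else frozenset(roles))
            return fn
        return decorator

    def dispatch(self, req: Request) -> Tuple[int, str]:
        """Authorization is enforced here, centrally, before any handler runs."""
        route = self.routes.get(req.path)
        if route is None:
            return 404, "not found"
        if route.allowed_roles is None:
            if self.deny_by_default:
                return 403, "forbidden: no authorization policy declared"
            return route.handler(req)  # vulnerable: a missing check is an open route
        if route.allowed_roles == PUBLIC:
            return route.handler(req)
        if req.user is None:
            return 401, "authentication required"
        if not (req.user.roles & route.allowed_roles):
            return 403, "forbidden"
        return route.handler(req)

def build_app(deny_by_default: bool = True) -> Router:
    """Constructed sample application with one deliberately unprotected route."""
    app = Router(deny_by_default)

    @app.route("/", roles=PUBLIC)
    def home(req: Request) -> Tuple[int, str]:
        return 200, "welcome"

    @app.route("/admin", roles={"admin"})
    def admin(req: Request) -> Tuple[int, str]:
        return 200, f"admin panel for {req.user.name}"

    @app.route("/reports")  # policy forgotten: the classic forced-browsing bug
    def reports(req: Request) -> Tuple[int, str]:
        return 200, "quarterly revenue"

    return app

def audit_forced_browsing(app: Router, expected: Dict[str, FrozenSet[str]],
                          probes: List[Optional[User]]) -> List[Tuple[str, str]]:
    """Request each restricted path as each probe identity; report every 200
    served to an identity that the expected policy says must be rejected."""
    findings: List[Tuple[str, str]] = []
    for path, allowed in expected.items():
        for user in probes:
            status, _ = app.dispatch(Request(path, user))
            authorized = user is not None and bool(user.roles & allowed)
            if status == 200 and not authorized:
                findings.append((path, user.name if user else "anonymous"))
    return findings

# Constructed identities and the expected policy used by the audit.
BOB = User("bob", frozenset({"user"}))
ALICE = User("alice", frozenset({"admin"}))
RESTRICTED = {"/admin": frozenset({"admin"}), "/reports": frozenset({"admin"})}

if __name__ == "__main__":
    for label, app in (("vulnerable", build_app(False)), ("hardened", build_app())):
        print(label, audit_forced_browsing(app, RESTRICTED, [None, BOB, ALICE]))
```

Run as a script, the vulnerable router reports /reports as reachable by the anonymous probe and by bob, while the hardened router reports nothing: with deny_by_default the forgotten policy on /reports turns into a 403 for everyone, including the admin, which is the failure mode you want, because it is noticed immediately instead of shipping as an open route. The audit deliberately takes the expected policy as input rather than reading it from the router, which is what a black-box scanner does when it compares responses across identities.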

Configuration

Identifier: access_control/forced_browsing

Examples

Ignore this check

checks:
  access_control/forced_browsing:
    skip: true

Score

  • Escape Severity:

Compliance

  • OWASP: API1:2023
  • OWASP LLM: LLM06:2023
  • pci: 6.5.4
  • gdpr: Article-32
  • soc2: CC6
  • psd2: Article-95
  • iso27001: A.14.2
  • nist: SP800-53
  • fedramp: AC-6

Classification

  • CWE: 862

Score

  • CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C
  • CVSS_SCORE: 8.8

References