
Public state-altering operation

Description

Any route that mutates application data should not be public. Generally, REST CREATE, UPDATE and DELETE requests and GraphQL mutations should be protected by an authentication middleware.

Remediation

Restrict access to the route, for example by placing an authentication middleware in front of it.

GraphQL Specific

  • Apollo: Ensure that all public state-altering operations in the Apollo framework engine are properly authenticated and authorized to prevent unauthorized access or modifications. Implement checks that validate the user's permissions before executing any changes.
  • Yoga: Ensure that the Yoga framework engine's public state-altering operations are properly authenticated and authorized to prevent unauthorized access or modifications. Implement robust input validation to avoid injection attacks and enforce access controls to restrict operations to legitimate users only.
  • AWS AppSync: Ensure that AWS AppSync resolvers perform proper authorization checks before allowing state-altering operations, to prevent unauthorized access and data manipulation. Implement fine-grained access control using AWS Identity and Access Management (IAM) policies, Amazon Cognito, or OpenID Connect providers, depending on your authentication requirements. Additionally, validate and sanitize all input data to protect against injection attacks and enforce schema validation to maintain data integrity.
  • GraphQL Go: Ensure that the GraphQL Go framework engine properly validates and sanitizes user input to prevent injection attacks. Implement authorization checks that restrict state-altering operations to authorized users only. Additionally, consider using query complexity analysis to prevent resource exhaustion attacks.
  • GraphQL Ruby: In the GraphQL Ruby framework, ensure that all state-altering operations are performed through mutations with properly defined authorization checks. Avoid exposing sensitive actions to unauthorized users by implementing a robust authentication and authorization strategy. Use GraphQL's built-in mechanisms for input validation and sanitization to prevent injection attacks. Additionally, consider rate limiting to protect against abuse of the API.
  • Hasura: Ensure that all public state-altering operations in the Hasura framework are protected by appropriate authentication and authorization mechanisms. Use Hasura's role-based access control to define permissions and restrict access based on user roles. Additionally, consider implementing validation checks and rate limiting to prevent abuse of exposed APIs.
  • Agoo: Ensure all state-altering routes in the Agoo framework are protected by authentication middleware to prevent unauthorized access.
  • Ariadne: Ensure that all GraphQL mutations in the Ariadne framework are protected by authentication middleware to prevent unauthorized state-altering operations.
  • Caliban: Ensure all GraphQL mutations in Caliban are protected by authentication middleware to prevent unauthorized data alterations.
  • Dgraph: Ensure all GraphQL mutations and state-altering operations in Dgraph are secured with authentication and authorization middleware to prevent unauthorized access.
  • DianaJL: Ensure all state-altering operations in the DianaJL framework are secured with authentication middleware to prevent unauthorized access.
  • Directus: Ensure all state-altering operations in Directus are protected by authentication and authorization middleware to prevent unauthorized access.
  • Flutter: Ensure all state-altering operations in Flutter are secured with proper authentication and authorization checks.
  • Graphene: Ensure that all GraphQL mutations in the Graphene framework are protected by authentication middleware to prevent unauthorized data alterations.
  • GraphQL API for WordPress: Ensure all GraphQL mutations in the GraphQL API for WordPress framework are protected by authentication middleware to prevent unauthorized data alterations.
  • Graphqlgophergo: Ensure all GraphQL mutations in the Gopher framework are protected by authentication middleware to prevent unauthorized data alterations.
  • GraphQL Java: Ensure all GraphQL mutations are protected by authentication and authorization middleware to prevent unauthorized state changes.
  • graphqlphp: Ensure all GraphQL mutations in the graphqlphp framework are protected by authentication middleware to prevent unauthorized data alterations.
  • GraphQL Yoga: Ensure all GraphQL mutations in the GraphQL Yoga framework are protected by authentication middleware to prevent unauthorized data alterations.
  • HyperGraphQL: Ensure that all GraphQL mutations in the HyperGraphQL framework are protected by authentication middleware to prevent unauthorized state-altering operations.
  • Jaal: Ensure all state-altering operations in the Jaal framework are protected by authentication middleware to prevent unauthorized access.
  • Juniper: Ensure all state-altering operations in the Juniper framework are protected by authentication middleware to prevent unauthorized access.
  • Lacinia: Ensure that all state-altering operations in the Lacinia framework are protected by authentication middleware to prevent unauthorized access.
  • Lighthouse: Ensure all state-altering operations in the Lighthouse framework are secured with authentication middleware to prevent unauthorized access.
  • Mercurius: Ensure that all state-altering operations in the Mercurius framework are protected by authentication middleware to prevent unauthorized access.
  • MorpheusGraphQL: Ensure all GraphQL mutations in MorpheusGraphQL are protected by authentication middleware to prevent unauthorized data alterations.
  • gqlgen: Ensure that all GraphQL mutations in the gqlgen framework are protected by authentication middleware to prevent unauthorized state-altering operations.
  • Sangria: Ensure that all GraphQL mutations in the Sangria framework are protected by authentication middleware to prevent unauthorized state-altering operations.
  • Shopify: Ensure all state-altering operations in the Shopify framework are protected by authentication middleware to prevent unauthorized access.
  • StepZen: Ensure all state-altering operations in StepZen are protected by authentication middleware to prevent unauthorized access.
  • Strawberry: Ensure that all state-altering operations in the Strawberry framework are protected by authentication middleware to prevent unauthorized access.
  • Tartiflette: Ensure that all GraphQL mutations in the Tartiflette framework are protected by authentication middleware to prevent unauthorized state-altering operations.
  • WPGraphQL: Ensure all GraphQL mutations in the WPGraphQL framework are protected by authentication and authorization middleware to prevent unauthorized data alterations.
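The pattern the GraphQL entries above describe, as an added example that is not part of this page or of any framework: every field of the Mutation resolver map is wrapped so it refuses to run without an authenticated principal in `context`, so a newly added mutation cannot be left unprotected by accident. The resolver signature `(parent, args, context, info)` is the one Apollo and Yoga use; `context.user` is assumed to have been populated by the server's context function from the request's credentials, and the schema, data and role names are constructed for the demo.

```javascript
// Added example: guard every Mutation resolver with an authentication
// (and optional role) check. Not taken from any framework's own code.
class AuthenticationError extends Error {}

// Wrap a single resolver: deny unless context.user exists and, when a
// role is required, carries that role.
function requireAuth(resolver, { role } = {}) {
  return (parent, args, context, info) => {
    if (!context || !context.user) {
      throw new AuthenticationError('authentication required');
    }
    if (role && !(context.user.roles || []).includes(role)) {
      throw new AuthenticationError(`role ${role} required`);
    }
    return resolver(parent, args, context, info);
  };
}

// Wrap the whole Mutation map; Query resolvers are left as they are.
// perFieldRoles maps a mutation name to the role it additionally needs.
function protectMutations(resolvers, perFieldRoles = {}) {
  const guarded = {};
  for (const [name, fn] of Object.entries(resolvers.Mutation || {})) {
    guarded[name] = requireAuth(fn, { role: perFieldRoles[name] });
  }
  return { ...resolvers, Mutation: guarded };
}

// Constructed in-memory data and resolvers standing in for a real schema.
const users = new Map([[1, { id: 1, name: 'alice' }]]);
const rawResolvers = {
  Query: { user: (_p, { id }) => users.get(id) || null },
  Mutation: {
    renameUser: (_p, { id, name }) => {
      const u = users.get(id);
      if (!u) return null;
      u.name = name;
      return u;
    },
    deleteUser: (_p, { id }) => users.delete(id),
  },
};

// What would be handed to ApolloServer / createYoga as `resolvers`.
// deleteUser additionally requires the constructed 'admin' role.
const resolvers = protectMutations(rawResolvers, { deleteUser: 'admin' });
```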

REST Specific

  • ASP.NET: Implement authentication and authorization mechanisms such as ASP.NET Identity for user management, and use the [Authorize] attribute to protect state-altering endpoints. Additionally, apply anti-forgery tokens to prevent CSRF attacks on form submissions.
  • Ruby on Rails: In Ruby on Rails, ensure that routes which alter the state of the application, such as create, update, or destroy actions, are secured with authentication checks. Use the `before_action` callback in your controllers to enforce user authentication with methods like `authenticate_user!` provided by authentication solutions like Devise.
  • Next.js: Implement authentication and authorization checks in your Next.js API routes or pages with dynamic data-fetching methods. Use Next.js middleware or higher-order functions to wrap your API routes, ensuring that only authenticated users can perform state-altering operations. Additionally, consider using libraries like `next-auth` for streamlined authentication handling.
  • Laravel: In Laravel, protect state-altering routes by applying the 'auth' middleware so that only authenticated users can access them. Use route groups or apply the middleware directly to each route that performs create, update, or delete operations.
  • Express.js: In Express.js, ensure that routes handling state-altering operations such as POST, PUT, PATCH, and DELETE are secured with authentication middleware like Passport.js or express-jwt. Implement route-specific middleware to verify the user's identity and permissions before processing the request.
  • Django: In Django, ensure that views which perform state-altering operations such as POST, PUT, PATCH, and DELETE are protected by appropriate authentication and permission classes. Use Django's built-in authentication system and decorators like @login_required, or use Django REST framework's permissions to restrict access to authenticated users only.
  • Symfony: In Symfony, secure state-altering operations by implementing access controls using voters or access decision managers. Ensure that routes handling `CREATE`, `UPDATE`, and `DELETE` operations require authentication and proper authorization. Use Symfony's security components to set up firewalls and configure security voters that check user permissions before allowing access to these sensitive endpoints.
  • Spring Boot: In Spring Boot, secure state-altering endpoints by applying Spring Security. Configure authentication and use annotations like @PreAuthorize to control access, ensuring only authenticated users with proper roles can invoke these operations.
  • Flask: In Flask, ensure that routes handling state-altering operations such as POST, PUT, PATCH, and DELETE are protected by authentication. Use Flask extensions like Flask-Login or Flask-Security to manage user sessions and restrict access to these endpoints. Additionally, apply the @login_required decorator to your view functions to enforce authentication.
  • Nuxt: In Nuxt.js, ensure that all state-altering operations such as POST, PUT, PATCH, and DELETE requests are secured by implementing authentication and authorization checks. Use middleware to verify user credentials and permissions before allowing access to these routes.
  • FastAPI: In FastAPI, secure state-altering endpoints by integrating security dependencies such as OAuth2 with JWT tokens. Apply these dependencies to your route operations so that only authenticated users can perform `CREATE`, `UPDATE`, or `DELETE` actions.
  • Frappe: Ensure all state-altering operations in Frappe are protected by authentication and authorization checks to prevent unauthorized access.
  • Genzio: Ensure all state-altering operations in the Genzio framework are secured with authentication middleware to prevent unauthorized access.
  • Gin: Ensure all state-altering routes in the Gin framework are protected by authentication middleware to prevent unauthorized access.
  • Gorilla: Ensure all state-altering routes in the Gorilla framework are protected by authentication middleware to prevent unauthorized access.
  • Hapi: Implement authentication and authorization middleware for all state-altering routes in the Hapi framework so that only authenticated users can perform operations that modify application data.
  • Hono: Ensure all state-altering operations in the Hono framework are protected by authentication middleware to prevent unauthorized access.
  • Jersey: Ensure that all state-altering operations in the Jersey framework are secured by implementing authentication and authorization filters to prevent unauthorized access.
  • Koa: Ensure all state-altering routes in your Koa application are protected by authentication middleware to prevent unauthorized access.
  • Ktor: Ensure all state-altering routes in Ktor are protected by authentication middleware to prevent unauthorized access.
  • Leptos: Ensure all state-altering operations in the Leptos framework are protected by authentication and authorization middleware to prevent unauthorized access.
  • Macaron: Ensure all state-altering routes in the Macaron framework are protected by authentication middleware to prevent unauthorized access.
  • Phoenix: Ensure all state-altering routes in the Phoenix framework are protected by authentication and authorization plugs to prevent unauthorized access.
  • RedwoodJS: Ensure all state-altering operations in RedwoodJS are protected by authentication and authorization middleware to prevent unauthorized access.
  • Rocket: Ensure all state-altering routes in Rocket applications are protected by authentication and authorization middleware to prevent unauthorized access.
  • SvelteKit: Implement authentication and authorization middleware to protect routes that alter application state in SvelteKit.

Configuration

Identifier: access_control/public_state_altering_operation

Examples

Ignore this check

checks:
  access_control/public_state_altering_operation:
    skip: true

Score

  • Escape Severity:

Compliance

  • OWASP: API5:2023
  • OWASP LLM: LLM06:2023
  • pci: 6.5.10
  • gdpr: Article-32
  • soc2: CC1
  • psd2: Article-95
  • iso27001: A.14.2
  • nist: SP800-53
  • fedramp: AC-6

Classification

  • CWE: 306

Score

  • CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C
  • CVSS_SCORE: 8.7

References