Information Disclosure: Possible User Enumeration
Identifier:
leaking_authentication
Scanner(s) Support
GraphQL Scanner | REST Scanner | WebApp Scanner |
---|---|---|
Description
When a server gives out too much detail about how it handles authentication, it can tip off attackers about the inner workings of your system. Essentially, the vulnerability happens when error messages or responses include sensitive details, such as which part of the authentication failed or which user accounts exist, making it much easier for someone with bad intentions to work out how to bypass security checks. If left unchecked, this can lead to unauthorized access to accounts or even control over the system. The common misstep is not sanitizing the responses, or revealing internal error details that let an attacker piece together how the authentication process works.
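The following is an added illustration, not code from the scanner or its documentation. It puts a leaky login handler next to a hardened one and includes a small check in the spirit of what this test looks for: whether the failure response for a username that exists differs from the failure response for one that does not. The user store, salt and passwords are constructed for the example; a real service would store passwords with a slow KDF rather than a single SHA-256 round.

```python
import hashlib
import hmac

# Constructed demo credential store: username -> salted SHA-256 digest of the password.
# (Constructed for this example only; use argon2/scrypt/bcrypt in a real service.)
_SALT = b"demo-salt"


def _digest(password: str) -> bytes:
    return hashlib.sha256(_SALT + password.encode()).digest()


USERS = {"alice": _digest("correct horse battery staple")}

# A fixed digest compared against when the username is unknown, so the hardened
# handler does the same amount of work whether or not the account exists.
_DUMMY_DIGEST = _digest("placeholder-never-a-real-password")


def login_leaky(username: str, password: str) -> tuple[int, str]:
    """Vulnerable form: status code and body reveal which step failed, so an
    observer can tell valid usernames from invalid ones."""
    stored = USERS.get(username)
    if stored is None:
        return 404, "Unknown user"
    if not hmac.compare_digest(stored, _digest(password)):
        return 401, "Incorrect password for user " + username
    return 200, "OK"


def login_hardened(username: str, password: str) -> tuple[int, str]:
    """Hardened form: one generic response (same status, same body) for every
    failure, and the password check runs even for unknown usernames."""
    stored = USERS.get(username, _DUMMY_DIGEST)
    password_ok = hmac.compare_digest(stored, _digest(password))
    if not (password_ok and username in USERS):
        return 401, "Invalid credentials"
    return 200, "OK"


def responses_distinguish_users(handler) -> bool:
    """Scanner-style check: send a wrong password for a known and for an unknown
    username and report whether the failure responses differ. Both attempts use
    the same wrong password, so any difference comes from the username alone."""
    known = handler("alice", "wrong-password")
    unknown = handler("nobody-constructed-name", "wrong-password")
    return known != unknown


if __name__ == "__main__":
    print("leaky handler enumerable:   ", responses_distinguish_users(login_leaky))
    print("hardened handler enumerable:", responses_distinguish_users(login_hardened))
```

The check above compares only status and body; in practice a scanner can also compare response timing and headers, which is why the hardened handler performs the digest comparison on every path rather than returning early for unknown users.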
Configuration
Example
Example configuration:
Reference
assets_allowed
Type : List[AssetType]
List of assets that this check will cover.
skip
Type : boolean
Skip the test if true.