Access Control: Private data

Identifier: private_data

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

Data meant to be private is not properly locked down, so users who should not see it can still retrieve it. This happens when authorization rules or access controls are misconfigured or applied inconsistently, allowing sensitive data to leak across user boundaries. It is dangerous because an attacker, or anyone who stumbles onto the affected endpoint, can read data they are not entitled to, which can lead to privacy breaches, identity theft, or further compromise. A common trap is relying solely on configuration rules for access control, without server-side checks or thorough testing, so that private data is exposed whenever those rules are flawed.

Configuration

Example

Example configuration:

---
security_tests:
  private_data:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false
    users:
      Alice:
      - bob@example.com
      Bob:
      - alice@example.com
      public:
      - .*@example.com

Reference

assets_allowed

Type : List[AssetType]

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.

users

Type : Dict[string, List[string]]

Mapping of users to regex patterns that must never match in the responses returned to that user. Patterns are regular expressions, so an unescaped dot matches any character; write bob@example\.com when an exact literal match is intended.

The public user is, by default, the unauthenticated user, i.e. requests sent without any credentials.

For example, to ensure that Alice never sees Bob's email address, that Bob never sees Alice's, and that an unauthenticated user sees no example.com address at all:

---
security_tests:
  private_data:
    users:
      Alice:
      - bob@example.com
      Bob:
      - alice@example.com
      public:
      - .*@example.com
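The following is an added illustration of how a configuration like the one above is interpreted; it is not the scanner's own code. It assumes a hypothetical set of captured responses, each tagged with the user the request was replayed as and the asset type it came from, and applies the three settings documented here: skip aborts the check, assets_allowed filters which responses are examined, and every regex listed under a user is searched in that user's response bodies. The patterns escape the dots so they match the literal addresses.

```python
import re
from typing import Dict, List

# Constructed equivalent of the `private_data` block in the configuration above.
CONFIG = {
    "assets_allowed": ["REST", "GRAPHQL", "WEBAPP"],
    "skip": False,
    "users": {
        "Alice": [r"bob@example\.com"],       # Alice must never see Bob's address
        "Bob": [r"alice@example\.com"],       # Bob must never see Alice's address
        "public": [r".*@example\.com"],       # unauthenticated: no example.com address at all
    },
}

# Constructed sample responses, as a scanner would capture them while replaying
# requests as each configured user ("public" = no credentials). Hypothetical data.
RESPONSES: List[Dict[str, str]] = [
    {"user": "Alice",  "asset": "REST",    "url": "/api/me",
     "body": '{"email":"alice@example.com"}'},
    {"user": "Alice",  "asset": "REST",    "url": "/api/users/2",
     "body": '{"email":"bob@example.com"}'},            # leak: Alice sees Bob
    {"user": "Bob",    "asset": "GRAPHQL", "url": "/graphql",
     "body": '{"data":{"me":{"email":"bob@example.com"}}}'},
    {"user": "public", "asset": "REST",    "url": "/api/users",
     "body": '[{"email":"alice@example.com"}]'},        # leak: anonymous listing
    {"user": "public", "asset": "WEBAPP",  "url": "/health",
     "body": "ok"},
]


def compile_rules(users: Dict[str, List[str]]) -> Dict[str, List[re.Pattern]]:
    """Compile each user's forbidden patterns once; invalid regexes fail loudly here."""
    return {user: [re.compile(p) for p in patterns] for user, patterns in users.items()}


def find_private_data_leaks(config: dict, responses: List[Dict[str, str]]) -> List[dict]:
    """Return one finding per (response, pattern) pair where a forbidden pattern
    matched in a response body served to that user."""
    if config.get("skip", False):
        return []
    allowed_assets = set(config.get("assets_allowed", []))
    rules = compile_rules(config.get("users", {}))
    findings = []
    for resp in responses:
        if resp["asset"] not in allowed_assets:
            continue                      # asset type not covered by this check
        for pattern in rules.get(resp["user"], []):
            match = pattern.search(resp["body"])
            if match:
                findings.append({
                    "user": resp["user"],
                    "asset": resp["asset"],
                    "url": resp["url"],
                    "pattern": pattern.pattern,
                    "match": match.group(0),
                })
    return findings


if __name__ == "__main__":
    for finding in find_private_data_leaks(CONFIG, RESPONSES):
        print(f"[{finding['user']}] {finding['asset']} {finding['url']}: "
              f"/{finding['pattern']}/ matched {finding['match']!r}")
```

Note that the public rule `.*@example\.com` is greedy and reports everything from the start of the body up to the address; anchoring the pattern more tightly (for example `[\w.+-]+@example\.com`) gives a cleaner match without changing which responses are flagged.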