
Access Control: Tenant isolation

Identifier: tenant_isolation

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

When a system does not properly isolate tenant data, the same object can be served to more than one user, breaching the strict separation tenants expect. This is dangerous because it leads to unauthorized data access: one tenant may read, or even modify, another tenant's data. It usually stems from misconfigured authorization rules or flawed logic in how object instances are tracked and associated with users, so that records are unintentionally shared across tenants. This check detects the symptom by requesting the same resources with the credentials of different users and comparing selected response fields: if two users receive the identical value for a field that should be private to one of them, the boundary is not being enforced. Developers should keep a close eye on how their application defines and enforces tenant boundaries, in particular that every lookup is scoped to the requesting tenant and not only to an object identifier.
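The flawed lookup described above, shown next to a tenant-scoped version, as an added example (this is illustrative code, not part of the scanner or its documentation). The in-memory store, the tenant names, the card numbers and the Caller shape are all constructed assumptions:

```python
# Added example (not from the scanner docs): a minimal /users/{id} lookup
# written twice, once keyed on the object id alone and once scoped to the
# caller's tenant. Records, tenants and card numbers are constructed data.
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class User:
    id: int
    tenant: str
    card_number: str


@dataclass(frozen=True)
class Caller:
    """The authenticated principal making the request (assumed shape)."""
    user_id: int
    tenant: str


# Constructed records: user 1 belongs to tenant "acme", user 2 to "globex".
USERS: Dict[int, User] = {
    1: User(1, "acme", "4111111111111111"),
    2: User(2, "globex", "5500000000000004"),
}


def _serialize(user: User) -> dict:
    return {"id": user.id, "card_number": user.card_number}


def get_user_vulnerable(caller: Caller, user_id: int) -> Optional[dict]:
    """Looks the record up by primary key only. Any authenticated caller can
    read any user's card_number, so the same object is served to callers
    from more than one tenant: exactly what the scanner flags."""
    user = USERS.get(user_id)
    return None if user is None else _serialize(user)


def get_user_scoped(caller: Caller, user_id: int) -> Optional[dict]:
    """Scopes the lookup to the caller's tenant. A record that belongs to
    another tenant is treated the same as a missing one, so neither the
    data nor the existence of other tenants' ids leaks."""
    user = USERS.get(user_id)
    if user is None or user.tenant != caller.tenant:
        return None
    return _serialize(user)
```

The scoped version applies the tenant filter in the same step as the id lookup rather than as a later check on the fetched object; that keeps the "not found" and "not yours" cases indistinguishable to the caller and removes the chance of forgetting the check on one code path.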


Configuration

Example

Example configuration:

---
security_tests:
  tenant_isolation:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    keys_matching:
    - card_number
    paths:
    - /users/{id}
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

keys_matching

Type : List[string]*

List of keys in a response body whose values will be compared between different users to detect an isolation violation.

If the same value is returned for one of these keys to two different users, an alert is raised. Choose keys whose values are expected to be unique to a single user or tenant (card numbers, tokens, addresses); keys with a small set of possible values (status flags, country codes) will legitimately repeat across users and produce false positives.

For example, if you want to check the key card_number, you can use the following:

---
security_tests:
  tenant_isolation:
    keys_matching:
    - card_number

paths

Type : List[string]*

List of paths that this check will cover. Path parameters are written in braces, as in /users/{id}. Add * to cover all paths.

For example, if you want to check the path /users/{id}, you can use the following:

---
security_tests:
  tenant_isolation:
    paths:
    - /users/{id}

To cover all paths, you can use the following:

---
security_tests:
  tenant_isolation:
    paths:
    - '*'
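The comparison that the keys_matching and paths settings drive, run over constructed responses, as an added example. This is not the scanner's own implementation: the configuration values mirror this page, while the user names, the response bodies, the nested location of card_number and the helper names are assumptions. It also handles the nested-key case (the key may sit anywhere in the JSON body, not only at the top level) and the two path forms the page describes:

```python
# Added example (not the scanner's code): cross-user comparison of the
# configured keys over responses fetched with two users' credentials.
from typing import Any, Dict, Iterator, List, Tuple

# Mirrors the page's example configuration.
CONFIG: Dict[str, List[str]] = {
    "keys_matching": ["card_number"],
    "paths": ["/users/{id}"],
}

# Constructed responses, keyed by the user whose credentials fetched them.
# Both users receive the same card_number for /users/1: an isolation
# violation. The other two card numbers are each seen by only one user.
RESPONSES: Dict[str, Dict[str, Any]] = {
    "user_a": {
        "/users/1": {"id": 1, "profile": {"card_number": "4111111111111111"}},
        "/users/2": {"id": 2, "profile": {"card_number": "5500000000000004"}},
        "/health": {"card_number": "4111111111111111"},  # not a covered path
    },
    "user_b": {
        "/users/1": {"id": 1, "profile": {"card_number": "4111111111111111"}},
        "/users/3": {"id": 3, "profile": {"card_number": "340000000000009"}},
    },
}


def path_matches(pattern: str, path: str) -> bool:
    """'*' covers every path; a '{name}' segment matches one non-empty
    path segment; every other segment must match literally."""
    if pattern == "*":
        return True
    p_segs = pattern.strip("/").split("/")
    s_segs = path.strip("/").split("/")
    if len(p_segs) != len(s_segs):
        return False
    for p, s in zip(p_segs, s_segs):
        if p.startswith("{") and p.endswith("}"):
            if not s:
                return False
        elif p != s:
            return False
    return True


def find_values(body: Any, keys: List[str], prefix: str = "$") -> Iterator[Tuple[str, str, Any]]:
    """Yield (json_path, key, scalar_value) for every configured key found
    anywhere in the body, so nested objects and arrays are covered too."""
    if isinstance(body, dict):
        for k, v in body.items():
            here = f"{prefix}.{k}"
            if k in keys and not isinstance(v, (dict, list)):
                yield here, k, v
            yield from find_values(v, keys, here)
    elif isinstance(body, list):
        for i, v in enumerate(body):
            yield from find_values(v, keys, f"{prefix}[{i}]")


def detect_violations(responses: Dict[str, Dict[str, Any]], config: Dict[str, List[str]]) -> List[dict]:
    """Raise one alert per (key, value) pair that was returned to more than
    one user on a covered path. Exact equality is used, as the page states."""
    seen: Dict[Tuple[str, Any], Dict[str, List[str]]] = {}
    for user, by_path in responses.items():
        for path, body in by_path.items():
            if not any(path_matches(p, path) for p in config["paths"]):
                continue
            for json_path, key, value in find_values(body, config["keys_matching"]):
                seen.setdefault((key, value), {}).setdefault(user, []).append(f"{path} {json_path}")
    alerts = []
    for (key, value), by_user in sorted(seen.items(), key=lambda kv: (kv[0][0], str(kv[0][1]))):
        if len(by_user) > 1:
            alerts.append({
                "key": key,
                "value": value,
                "users": sorted(by_user),
                "locations": {u: sorted(locs) for u, locs in by_user.items()},
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_violations(RESPONSES, CONFIG):
        print(f"{alert['key']}={alert['value']!r} shared by {alert['users']}: {alert['locations']}")
```

The comparison is keyed on the value rather than on the path, so a record leaking through two different endpoints (one user's /users/1, another's /accounts/7) is still caught; the /health response above is ignored only because it is outside the configured paths. Because matching is exact, the false-positive caveat from keys_matching applies: a value that both users are entitled to see will be reported.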

skip

Type : boolean

Skip the test if true.