Skip to main content

Leaking authentication

Description

The server sent too much information in the response about the user's base.

Remediation

Ensure that messages are neutral and do not disclose information about the user's base.

REST Specific

Asp_net

Implement proper error handling to prevent the server from sending verbose error messages to the client. Use custom error pages and configure the customErrors mode in the Web.config file to 'On' or 'RemoteOnly' to ensure detailed error information is only available locally. Additionally, review and sanitize outgoing responses to ensure no sensitive user information is included.

Ruby_on_rails

Implement strong session management by using Rails' built-in mechanisms such as has_secure_password for password hashing and validations. Ensure that error messages are generic and do not disclose user information. Regularly update Rails and its dependencies to incorporate the latest security patches.

Next_js

Implement proper session management using secure, HTTP-only cookies, and ensure sensitive information is not exposed through server responses. Utilize Next.js API routes to handle authentication with best practices, such as using environment variables for secret keys and leveraging built-in security features like CSRF protection.

Laravel

In Laravel, ensure that you are using built-in authentication methods and properly handling error messages. Avoid exposing sensitive user information in error responses by customizing the exception handling in the 'render' method of the 'App\Exceptions\Handler' class. Implement proper logging to record authentication failures without revealing confidential details.

Express_js

Implement proper error handling in Express.js to avoid sending verbose error messages to the client. Use a middleware that catches errors and sends generic responses to prevent information leakage. Additionally, ensure that sensitive endpoints are protected with strong authentication and authorization checks.

Django

Ensure that Django views and serializers only expose necessary user information. Implement proper permission checks and use Django's built-in authentication classes to manage access control. Avoid verbose error messages that reveal user details or system information.

Symfony

In Symfony, ensure that sensitive user information is not exposed in API responses. Implement a strict data serialization group policy using the Symfony Serializer component. Define serialization groups for user entities and explicitly specify which properties can be serialized. Use the @Groups annotation to control the exposure of fields and avoid leaking authentication details. Additionally, review and secure exception handling to prevent verbose error messages that could reveal sensitive information.

Spring_boot

Implement proper authentication handling in Spring Boot by utilizing Spring Security. Configure it to limit the amount of sensitive user information exposed in responses. Use OAuth2 or JWT for secure token-based authentication, and ensure that error messages are generic to prevent information leakage.

Flask

Implement proper error handling to avoid exposing sensitive information in error messages. Use Flask's error handling mechanisms to create custom error responses that do not include details about the user's data or the internal workings of the application. Additionally, ensure that debug mode is disabled in production to prevent the display of detailed error pages.

Nuxt

Implement proper access controls and ensure sensitive information is only sent over secure, authenticated channels. Utilize middleware to verify user permissions before sending any user-specific data. Additionally, review and sanitize all outgoing responses to prevent leakage of sensitive information.

Fastapi

Implement proper error handling in FastAPI to avoid leaking sensitive information. Use custom exception handlers to control the output of error messages and ensure that they do not contain details about the user's data or the internal workings of the application. Additionally, configure FastAPI's response models to exclude sensitive fields when sending data to clients.

Configuration

Identifier: information_disclosure/leaking_authentication

Examples

Ignore this check

checks:
  information_disclosure/leaking_authentication:
    skip: true

Score

  • Escape Severity: MEDIUM

Compliance

  • OWASP: API7:2023
  • pci: 8.2.1
  • gdpr: Article-32
  • soc2: CC6
  • psd2: Article-95
  • iso27001: A.18.1
  • nist: SP800-53
  • fedramp: AC-6

Classification

Score

  • CVSS_VECTOR: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C
  • CVSS_SCORE: 7.2