Authenticated Route Bypass

An authentication bypass occurs when an endpoint that should be protected is not actually guarded by authentication middleware or by a route decorator or dependency that enforces it.

Such a bypass leaves secure endpoints reachable without any authentication check, allowing unauthorized access to sensitive areas such as admin panels or user accounts. This can lead to data breaches and exposure of personal information. Proper authentication checks on every sensitive endpoint are essential to prevent this risk: developers should review the route definitions, ensure all sensitive endpoints require authentication (and, where relevant, authorization), and conduct regular security audits.

Vulnerable Code

In the code snippet below, the get_all_users endpoint has no authentication or authorization dependency, so anyone can retrieve the full list of users without restriction. This is a vulnerability wherever user information should be available only to authenticated or authorized users.

from fastapi import APIRouter, Depends
from fastapi.encoders import jsonable_encoder
from fastapi.responses import JSONResponse
from sqlalchemy.orm import Session

@router.get("/users")  # no authentication or authorization dependency on this route
async def get_all_users(db: Session = Depends(get_db)):
    users = await get_all_users_handler(db)
    return JSONResponse(status_code=200, content={"status": "success", "message": "Users retrieved successfully", "data": jsonable_encoder(users)})
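The check the snippet above is missing, as an added example that is not part of the original page or of the project it documents: the same "list users" handler registered once with no dependency (as on the page) and once behind an admin-only guard, plus a small audit that lists routes carrying no authentication dependency. It is written without FastAPI so it runs offline; the `Route`, `dispatch`, `HTTPException` stand-ins, the user table and the `tok-alice`/`tok-bob` tokens are all constructed for the example. In a real FastAPI application the equivalent is `dependencies=[Depends(require_admin)]` on the route (or a `user = Depends(require_admin)` parameter), and the audit would iterate `app.routes` and inspect each route's resolved dependencies instead of a hand-built list.

```python
import hmac
from dataclasses import dataclass, field
from typing import Callable

# Constructed sample data (not real accounts or credentials).
USERS = {
    1: {"id": 1, "email": "alice@example.test", "role": "admin"},
    2: {"id": 2, "email": "bob@example.test", "role": "user"},
}
SESSIONS = {"tok-alice": 1, "tok-bob": 2}  # constructed session tokens -> user id


class HTTPException(Exception):
    """Stand-in for fastapi.HTTPException (assumption: same two fields)."""

    def __init__(self, status_code: int, detail: str):
        super().__init__(detail)
        self.status_code = status_code
        self.detail = detail


def get_current_user(headers: dict) -> dict:
    """Authentication dependency: map a bearer token to a user, or fail with 401."""
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        raise HTTPException(401, "Not authenticated")
    # Compare against every known token in constant time so response timing
    # does not reveal how close a guessed token came to a valid one.
    for known, user_id in SESSIONS.items():
        if hmac.compare_digest(known.encode(), token.encode()):
            return USERS[user_id]
    raise HTTPException(401, "Invalid token")


def require_admin(headers: dict) -> dict:
    """Authorization dependency layered on authentication: admins only, else 403."""
    user = get_current_user(headers)
    if user["role"] != "admin":
        raise HTTPException(403, "Admin role required")
    return user


@dataclass
class Route:
    """Minimal stand-in for a FastAPI APIRoute: path, handler and its dependencies."""
    path: str
    handler: Callable[[dict], dict]
    dependencies: list = field(default_factory=list)


def list_users(headers: dict) -> dict:
    """Handler body; whether it is protected is decided by the route, not here."""
    return {"status": "success", "data": list(USERS.values())}


def dispatch(route: Route, headers: dict) -> tuple[int, dict]:
    """Run the route's dependencies first (as FastAPI does), then the handler."""
    try:
        for dep in route.dependencies:
            dep(headers)
    except HTTPException as exc:
        return exc.status_code, {"detail": exc.detail}
    return 200, route.handler(headers)


# The same handler registered twice: as on the page (no dependency) and hardened.
VULNERABLE_USERS_ROUTE = Route("/users", list_users)
SECURE_USERS_ROUTE = Route("/users", list_users, dependencies=[require_admin])

AUTH_DEPENDENCIES = {get_current_user, require_admin}
PUBLIC_PATHS = {"/health", "/login"}  # intentionally unauthenticated routes


def unprotected_routes(routes: list) -> list:
    """Audit helper: paths that carry no auth dependency and are not allowlisted."""
    return [
        r.path
        for r in routes
        if r.path not in PUBLIC_PATHS
        and not any(dep in AUTH_DEPENDENCIES for dep in r.dependencies)
    ]


if __name__ == "__main__":
    headers_to_try = ({}, {"authorization": "Bearer tok-bob"}, {"authorization": "Bearer tok-alice"})
    for label, route in (("vulnerable", VULNERABLE_USERS_ROUTE), ("secure", SECURE_USERS_ROUTE)):
        for hdrs in headers_to_try:
            print(label, hdrs.get("authorization", "<no header>"), dispatch(route, hdrs)[0])
    print("unprotected:", unprotected_routes([VULNERABLE_USERS_ROUTE, Route("/health", list_users)]))
```

The allowlist makes the audit deliberately noisy in the safe direction: any route that is not explicitly public and has no recognised auth dependency is reported, so a newly added endpoint that forgot its guard shows up rather than slipping through.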

Vulnerable APIs

(Admin) Get All Users

https://apidoc.fvb.vchan.in/#ff62ee09-4e94-4a0f-9621-ddff39925fd8

Compliance

  • OWASP: API2:2023

  • PCI: 6.5.10

  • GDPR: Article-32

  • SOC2: CC1

  • ISO27001: A.14.2

  • NIST: SP800-53

CWE & CVSS

  • CWE: 285

  • CVSS VECTOR: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

  • CVSS SCORE: 6.5
