OWASP Top 10
A01: Broken Access Control
Broken Access Control occurs when an application fails to enforce the restrictions on what users, authenticated or not, are allowed to do. An attacker can then act outside their intended permissions: read or modify other users' data, or invoke functions reserved for other roles. It is the top entry in the OWASP Top 10 2021 list.
How it Happens
- Insecure Direct Object References (IDOR): The application loads an object (a record, file, or account) using an identifier supplied by the client, such as `?invoice=102`, without checking that the requester is entitled to that object. Guessing or incrementing the identifier returns someone else's data.
- Privilege Escalation: A user gains permissions they were never granted, either horizontally (acting as another user at the same level) or vertically (reaching administrative functions). A common cause is a role or flag read from a request parameter, cookie, or token field that the client controls.
- Path Traversal: User input is used to build a file path, and sequences such as `../` let the attacker read or write files outside the intended directory, including outside the web root.
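Added example (not from the OWASP page): the three failure modes above as minimal Python handlers, each placed next to its hardened form. The invoice store, the role table, the request dictionary and the file names are constructed for the demonstration; `Forbidden`, `demo` and the handler names are hypothetical.

```python
from pathlib import Path
import tempfile


class Forbidden(Exception):
    """Raised when a hardened handler refuses the request."""


# Constructed sample state: invoice id -> (owner, body), and server-side roles.
INVOICES = {
    101: ("alice", "invoice 101 belongs to alice"),
    102: ("bob", "invoice 102 belongs to bob"),
}
ROLES = {"alice": "user", "bob": "user", "carol": "admin"}


# --- IDOR ---------------------------------------------------------------
def get_invoice_vulnerable(current_user, invoice_id):
    # Trusts the client-supplied id: any existing id is served to anyone.
    return INVOICES[invoice_id][1]


def get_invoice_fixed(current_user, invoice_id):
    # Ownership is checked against server-side state before data is returned.
    owner, body = INVOICES[invoice_id]
    if owner != current_user:
        raise Forbidden(f"{current_user} does not own invoice {invoice_id}")
    return body


# --- Vertical privilege escalation ---------------------------------------
def delete_user_vulnerable(current_user, request):
    # The role comes from the request (hidden field, cookie), so the client sets it.
    if request.get("role") != "admin":
        raise Forbidden("admin only")
    return f"deleted {request['target']}"


def delete_user_fixed(current_user, request):
    # The role is looked up from the authenticated identity, never from the request.
    if ROLES.get(current_user) != "admin":
        raise Forbidden("admin only")
    return f"deleted {request['target']}"


# --- Path traversal -------------------------------------------------------
def read_upload_vulnerable(upload_root, name):
    # Naive join: "../" in name walks out of upload_root.
    return Path(upload_root, name).read_text()


def read_upload_fixed(upload_root, name):
    # Resolve ".." and symlinks first, then require the result to stay under the root.
    root = Path(upload_root).resolve()
    target = (root / name).resolve()
    if not target.is_relative_to(root):
        raise Forbidden(f"{name} escapes {root}")
    return target.read_text()


def _attempt(fn, *args):
    """Return the handler's result, or 'denied' if it raised Forbidden."""
    try:
        return fn(*args)
    except Forbidden:
        return "denied"


def demo():
    """Exercise each vulnerable/fixed pair as an attacker would; returns outcomes by name."""
    results = {}
    # bob, an ordinary user, asks for alice's invoice by guessing the id
    results["idor_vulnerable"] = _attempt(get_invoice_vulnerable, "bob", 101)
    results["idor_fixed"] = _attempt(get_invoice_fixed, "bob", 101)
    # bob submits role=admin in the form body
    forged = {"role": "admin", "target": "alice"}
    results["escalation_vulnerable"] = _attempt(delete_user_vulnerable, "bob", forged)
    results["escalation_fixed"] = _attempt(delete_user_fixed, "bob", forged)
    results["escalation_admin"] = _attempt(delete_user_fixed, "carol", forged)
    # constructed filesystem: uploads/report.txt is public, ../secret.txt is not
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "uploads")
        root.mkdir()
        (root / "report.txt").write_text("quarterly report")
        Path(tmp, "secret.txt").write_text("db password")
        results["traversal_vulnerable"] = _attempt(read_upload_vulnerable, root, "../secret.txt")
        results["traversal_fixed"] = _attempt(read_upload_fixed, root, "../secret.txt")
        results["traversal_legit"] = _attempt(read_upload_fixed, root, "report.txt")
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:22} {outcome}")
```

In each fixed handler the decision depends only on state the server holds (the invoice's owner, the caller's role, the resolved path), not on anything the client sent. The path check resolves both sides before comparing so that symlinks and `..` inside the root cannot produce a string-prefix match that still points outside it.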
Mitigation Strategies
- Deny by Default: Unless a resource is deliberately public, every request is refused until an explicit rule grants it to the caller. A newly added endpoint or an action nobody wrote a rule for is then closed rather than accidentally open.
- Enforce Access Control on the Server-Side: Checks in JavaScript, hidden form fields, or disabled buttons only shape the user interface; an attacker sends requests directly. The server must re-check authorization on every request and every method (GET, POST, PUT, DELETE), using identity and role data it holds itself, never values supplied by the client.
- Use a Single, Application-Wide Mechanism for Access Control: Route every handler through one authorization component instead of ad-hoc checks per endpoint, so rules live in one place, a rule change is applied everywhere, and a missing check is visible in review. Record ownership with the data it protects, and log denied requests so that identifier enumeration shows up in monitoring.
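Added example (not OWASP's code): the three mitigations above combined in one Python authorization component. A policy table holds the only allow rules, a single decorator consults it before every handler runs, and any (resource kind, action) pair without a rule is denied, admin or not. `Principal`, `Resource`, `POLICY`, `requires`, `DENIALS` and the handler names are hypothetical; the users and the invoice are constructed for the demonstration.

```python
from dataclasses import dataclass
from functools import wraps


class Forbidden(Exception):
    """Raised by the enforcement point when no rule grants the action."""


@dataclass(frozen=True)
class Principal:
    user_id: str
    role: str  # loaded from the server-side session, never from the request


@dataclass(frozen=True)
class Resource:
    kind: str
    owner: str  # ownership is stored with the data, not inferred from the URL


def _is_owner(p, r):
    return r.owner == p.user_id


def _is_admin(p, r):
    return p.role == "admin"


# The only place allow rules live. Anything not listed here is denied.
POLICY = {
    ("invoice", "read"): (_is_owner, _is_admin),
    ("invoice", "delete"): (_is_admin,),
    ("profile", "read"): (_is_owner, _is_admin),
    ("profile", "update"): (_is_owner,),
}

# Denied requests are recorded (a real app would log them) so enumeration is visible.
DENIALS = []


def authorize(principal, action, resource):
    """Deny by default: True only if some rule for (kind, action) grants it."""
    rules = POLICY.get((resource.kind, action), ())
    return any(rule(principal, resource) for rule in rules)


def requires(action):
    """Single enforcement point: every handler is wrapped, so a missing check is a missing decorator."""
    def decorate(handler):
        @wraps(handler)
        def wrapper(principal, resource, *args, **kwargs):
            if not authorize(principal, action, resource):
                DENIALS.append((principal.user_id, action, resource.kind, resource.owner))
                raise Forbidden(f"{principal.user_id} may not {action} {resource.kind}")
            return handler(principal, resource, *args, **kwargs)
        return wrapper
    return decorate


@requires("read")
def read_invoice(principal, resource):
    return f"invoice owned by {resource.owner}"


@requires("delete")
def delete_invoice(principal, resource):
    return f"deleted invoice owned by {resource.owner}"


@requires("export")  # no POLICY entry for export: denied for everyone until a rule is added
def export_invoice(principal, resource):
    return "invoice.csv"


def attempt(handler, principal, resource):
    """Return the handler's result, or 'denied' if the enforcement point refused."""
    try:
        return handler(principal, resource)
    except Forbidden:
        return "denied"


if __name__ == "__main__":
    alice = Principal("alice", "user")
    bob = Principal("bob", "user")
    carol = Principal("carol", "admin")
    inv = Resource("invoice", owner="alice")
    print(attempt(read_invoice, alice, inv))    # invoice owned by alice
    print(attempt(read_invoice, bob, inv))      # denied (horizontal)
    print(attempt(delete_invoice, alice, inv))  # denied (vertical)
    print(attempt(delete_invoice, carol, inv))  # deleted invoice owned by alice
    print(attempt(export_invoice, carol, inv))  # denied (no rule exists)
    print(DENIALS)
```

The handlers contain no authorization code of their own; if a developer forgets the decorator, the omission is a one-line diff a reviewer can grep for, which is the practical benefit of a single mechanism over checks scattered through each endpoint.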
Why it Remains a Top Threat
Broken Access Control has been on every edition of the list and moved from fifth place in 2017 to first in 2021. It persists because it cannot be fixed by a library or a framework default the way injection largely can: the rules are specific to each application's business logic, every new endpoint must apply them again, a single forgotten check is enough to expose data, and automated scanners rarely catch the problem because an unauthorized request looks identical to a legitimate one.
This section will provide more in-depth information on the different types of Broken Access Control vulnerabilities and how to prevent them.