# A01:2021 - Broken Access Control

Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of data, or performing a business function outside the user's limits.

<Info>
  CodeAnt AI detects **Broken Access Control** vulnerabilities across **20 languages**: Python, Java, JavaScript, TypeScript, Go, C#, Ruby, PHP, Kotlin, Swift, Rust, Scala, C++, Elixir, Terraform, Dockerfile, YAML, JSON, Solidity, Apex.
</Info>

***

## Detected Vulnerabilities

<AccordionGroup>
  <Accordion title="CWE-22: Path Traversal">
    **Severity:** **Critical**

    ### Description

    The application uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize special elements such as `../` sequences that can resolve to a location outside of that directory.

    ### Impact

    An attacker can access files and directories stored outside the intended folder, potentially reading sensitive configuration files, source code, or system files like `/etc/passwd`.

    ### Remediation

    Validate and canonicalize all file paths. Use allowlists for permitted directories. Employ chroot jails or similar sandboxing. Never pass user input directly to file system APIs without sanitization.
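    The canonicalize-then-check pattern above as a Python example added here (not CodeAnt's own code): `UPLOAD_ROOT` and the sample paths are assumed, and the vulnerable `unsafe_resolve` is shown beside the hardened `safe_resolve`.

```python
import os
from typing import Optional

# Assumed base directory for user-downloadable files (constructed for this example).
UPLOAD_ROOT = "/srv/app/uploads"

def unsafe_resolve(user_path: str) -> str:
    # Vulnerable pattern: the user-controlled segment is joined straight onto the
    # base directory, so "../../../etc/passwd" walks out of UPLOAD_ROOT.
    return os.path.normpath(os.path.join(UPLOAD_ROOT, user_path))

def safe_resolve(user_path: str, root: str = UPLOAD_ROOT) -> Optional[str]:
    """Canonicalize the requested path and confirm it is still under `root`.

    Returns the absolute path when it lies inside the allowed directory and
    None otherwise (deny by default).
    """
    if "\x00" in user_path:          # NUL bytes truncate paths in C-backed file APIs
        return None
    # An absolute user path would make os.path.join discard `root` entirely.
    relative = user_path.lstrip("/\\")
    root_real = os.path.realpath(root)
    # realpath collapses "..", duplicate separators and symlinks, so the check
    # below sees the location the OS would actually open.
    candidate = os.path.realpath(os.path.join(root_real, relative))
    try:
        # commonpath is the robust containment test; a plain startswith() would
        # wrongly accept "/srv/app/uploads_private" as lying under "/srv/app/uploads".
        if os.path.commonpath([root_real, candidate]) != root_real:
            return None
    except ValueError:               # mixed absolute/relative paths or different drives
        return None
    return candidate
```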
  </Accordion>

  <Accordion title="CWE-200: Exposure of Sensitive Information">
    **Severity:** **High**

    ### Description

    The application exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This can include credentials, tokens, internal paths, stack traces, or personal data.

    ### Impact

    Leaked sensitive information can be used by attackers to gain unauthorized access, escalate privileges, or perform targeted attacks against the application or its users.

    ### Remediation

    Implement proper access controls on all sensitive data. Remove debug information from production responses. Use generic error messages. Audit all data flows to ensure sensitive information is not inadvertently exposed.
  </Accordion>

  <Accordion title="CWE-284: Improper Access Control">
    **Severity:** **Critical**

    ### Description

    The application does not restrict or incorrectly restricts access to a resource from an unauthorized actor. This is the general category for access control weaknesses.

    ### Impact

    Unauthorized users can access, modify, or delete resources they should not have permission to interact with, potentially compromising the entire application.

    ### Remediation

    Implement role-based access control (RBAC). Deny access by default. Enforce access controls on the server side. Log and monitor access control failures. Disable directory listing on web servers.
  </Accordion>

  <Accordion title="CWE-352: Cross-Site Request Forgery (CSRF)">
    **Severity:** **High**

    ### Description

    The web application does not sufficiently verify that a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, allowing attackers to trick users into executing unwanted actions.

    ### Impact

    Attackers can force authenticated users to perform state-changing requests such as transferring funds, changing email addresses, or modifying account settings without their knowledge.

    ### Remediation

    Use anti-CSRF tokens in all state-changing forms. Set the SameSite attribute on session cookies. Verify the Origin and Referer headers. Require re-authentication for sensitive operations.
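    Added Python example (not from the original page) of the synchronizer token, Origin/Referer and SameSite controls listed above; `SECRET_KEY`, `ALLOWED_ORIGINS` and the session ids are assumed values.

```python
import hashlib
import hmac
from typing import Mapping, Optional

# Assumed application values, constructed for this example.
SECRET_KEY = b"replace-with-a-long-random-server-secret"
ALLOWED_ORIGINS = {"https://app.example.com"}

def csrf_token_for(session_id: str) -> str:
    """Per-session anti-CSRF token (synchronizer token pattern).

    Deriving it as HMAC(secret, session id) lets the server recompute it for
    verification without storing it, and a token leaked from one session is
    useless in another.
    """
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def same_site_origin(value: str) -> bool:
    """True when an Origin or Referer header value belongs to an allowed origin."""
    return any(value == o or value.startswith(o + "/") for o in ALLOWED_ORIGINS)

def verify_state_changing_request(session_id: str, form_token: Optional[str],
                                  headers: Mapping[str, str]) -> bool:
    """Deny-by-default gate to run before any POST/PUT/DELETE handler."""
    # 1. The form must carry the token bound to this session; compare in
    #    constant time so a timing side channel cannot leak it byte by byte.
    if not form_token:
        return False
    expected = csrf_token_for(session_id).encode()
    if not hmac.compare_digest(expected, form_token.encode()):
        return False
    # 2. Browsers attach Origin (or at least Referer) to cross-site requests and
    #    page scripts cannot forge them, so also require a same-site value.
    origin = headers.get("Origin") or headers.get("Referer")
    return bool(origin) and same_site_origin(origin)

def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value whose SameSite attribute makes the browser withhold the
    session cookie on cross-site POSTs in the first place (defence in depth)."""
    return f"session={session_id}; Secure; HttpOnly; SameSite=Lax; Path=/"
```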
  </Accordion>

  <Accordion title="CWE-601: Open Redirect">
    **Severity:** **Medium**

    ### Description

    The application accepts a user-controlled input that specifies a link to an external site and redirects to that site without proper validation, which can be used in phishing attacks.

    ### Impact

    Attackers can craft URLs that appear legitimate but redirect users to malicious sites, enabling phishing attacks, credential theft, and malware distribution.

    ### Remediation

    Avoid using user input for redirect destinations. If redirects are necessary, use an allowlist of permitted URLs. Validate that redirect targets are internal. Warn users before redirecting to external sites.
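    Added Python example, not from the original page, of validating a redirect target against an allowlist; `APP_HOST`, `ALLOWED_EXTERNAL_HOSTS` and `DEFAULT_REDIRECT` are assumed values, and the block also rejects the protocol-relative and backslash forms that a plain "starts with /" check misses.

```python
from typing import Optional
from urllib.parse import urlsplit

# Assumed for this example: the application's own host, the few external hosts it
# is willing to send users to, and where to land when a target is rejected.
APP_HOST = "app.example.com"
ALLOWED_EXTERNAL_HOSTS = {"docs.example.com"}
DEFAULT_REDIRECT = "/"

def safe_redirect_target(next_url: Optional[str]) -> str:
    """Return `next_url` only if it is a same-site path or an allowlisted https
    URL; anything else falls back to DEFAULT_REDIRECT instead of being trusted."""
    if not next_url:
        return DEFAULT_REDIRECT
    # Browsers treat backslashes in the authority as forward slashes, so
    # "/\evil.example" is really "//evil.example"; normalize before parsing.
    candidate = next_url.strip().replace("\\", "/")
    # Control characters could split the Location header or smuggle a new one.
    if any(ord(c) < 0x20 or c == "\x7f" for c in candidate):
        return DEFAULT_REDIRECT
    try:
        parts = urlsplit(candidate)
    except ValueError:               # e.g. malformed IPv6 literal in the host
        return DEFAULT_REDIRECT
    if parts.scheme or parts.netloc:
        # Absolute or protocol-relative URL: only https to a known host. Using
        # .hostname (not .netloc) defeats "https://docs.example.com@evil.example".
        allowed = ALLOWED_EXTERNAL_HOSTS | {APP_HOST}
        if parts.scheme != "https" or parts.hostname not in allowed:
            return DEFAULT_REDIRECT
        return candidate
    # Relative URL: require exactly one leading slash so "///evil.example",
    # which some browsers read as a host, cannot slip through as a path.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return DEFAULT_REDIRECT
    return candidate
```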
  </Accordion>

  <Accordion title="CWE-639: Insecure Direct Object Reference (IDOR)">
    **Severity:** **High**

    ### Description

    The application provides direct access to objects based on user-supplied input without verifying that the user is authorized to access the target object.

    ### Impact

    Attackers can access other users' data by manipulating object references (e.g., changing an ID parameter), leading to unauthorized data access across tenant boundaries.

    ### Remediation

    Implement proper authorization checks for every object access. Use indirect references that are mapped server-side. Validate that the authenticated user has permission to access the requested resource.
  </Accordion>

  <Accordion title="CWE-862: Missing Authorization">
    **Severity:** **Critical**

    ### Description

    The application does not perform an authorization check when an actor attempts to access a resource or perform an action, allowing any authenticated (or unauthenticated) user to access restricted functionality.

    ### Impact

    Complete bypass of authorization controls, enabling any user to access admin functions, other users' data, or restricted API endpoints.

    ### Remediation

    Enforce authorization checks on every request to a protected resource. Use middleware or decorators to apply authorization consistently. Implement least-privilege access by default.
  </Accordion>

  <Accordion title="CWE-863: Incorrect Authorization">
    **Severity:** **High**

    ### Description

    The application performs an authorization check but does so incorrectly, allowing actors to bypass intended access restrictions and access resources beyond their privilege level.

    ### Impact

    Users can escalate their privileges or access resources belonging to other users due to flawed authorization logic, compromising data confidentiality and integrity.

    ### Remediation

    Review and test all authorization logic thoroughly. Use well-tested authorization frameworks. Implement unit tests specifically for authorization boundaries. Conduct regular access control audits.
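    One Python example added here (not CodeAnt's code) that covers the remediation advice for CWE-284, CWE-639, CWE-862 and CWE-863 together: a deny-by-default RBAC table, a decorator that applies the permission and ownership checks to every handler, and logging of each failure; `User`, `INVOICES` and the role table are constructed for the example.

```python
import logging
from functools import wraps
from typing import Callable, Dict, NamedTuple, Set

class User(NamedTuple):
    id: str
    roles: Set[str]

class Forbidden(Exception):
    """Raised on any failed check; each failure is logged so it can be monitored."""
    def __init__(self, user: User, reason: str):
        logging.getLogger("authz").warning("denied %s: %s", user.id, reason)
        super().__init__(reason)

# RBAC table (CWE-284): a permission absent from every role is denied by default.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {"admin": {"invoice:read", "invoice:delete"},
                                         "customer": {"invoice:read"}}
# Constructed sample store: invoice id -> record with its owner.
INVOICES: Dict[str, Dict[str, str]] = {
    "inv-1001": {"owner": "alice", "total": "120.00"},
    "inv-1002": {"owner": "bob", "total": "80.00"},
}

def has_permission(user: User, permission: str) -> bool:
    return any(permission in ROLE_PERMISSIONS.get(r, set()) for r in user.roles)

def requires(permission: str) -> Callable:
    """Apply the same checks to every handler (CWE-862): role permission first,
    then ownership of the referenced object (CWE-639) unless the caller is admin."""
    def decorator(handler: Callable) -> Callable:
        @wraps(handler)
        def wrapper(user: User, invoice_id: str):
            if not has_permission(user, permission):
                raise Forbidden(user, f"lacks {permission}")
            invoice = INVOICES.get(invoice_id)
            if invoice is None:   # same outcome as not-owned: don't reveal existence
                raise Forbidden(user, f"unknown object {invoice_id}")
            if "admin" not in user.roles and invoice["owner"] != user.id:
                raise Forbidden(user, f"not the owner of {invoice_id}")
            return handler(user, invoice_id, invoice)
        return wrapper
    return decorator

@requires("invoice:read")
def get_invoice(user: User, invoice_id: str, invoice: Dict[str, str]) -> Dict[str, str]:
    return invoice

@requires("invoice:delete")
def delete_invoice(user: User, invoice_id: str, invoice: Dict[str, str]) -> bool:
    return INVOICES.pop(invoice_id) is invoice
```

    Each branch in `requires` is an authorization boundary worth its own unit test (CWE-863): a customer reading another customer's invoice, a customer attempting a delete, an admin reading any invoice, a user with no roles, and an unknown id.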
  </Accordion>
</AccordionGroup>
