Dashboard
Dashboard

ATS arbitrary loads

ATS-arbitrary-loads

The application’s App Transport Security (ATS) configuration allows for insecure HTTP connections. The NSAllowsArbitraryLoads and NSTemporaryExceptionAllowsInsecureHTTPLoads property keys can be used to allow HTTP for all domains or a particular domain respectively. HTTPs should be used in all cases, to ensure secure communications - protecting data in transport.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database

ATS arbitrary loads

ATS-arbitrary-loads

The application’s App Transport Security (ATS) configuration allows for insecure HTTP connections. The NSAllowsArbitraryLoads and NSTemporaryExceptionAllowsInsecureHTTPLoads property keys can be used to allow HTTP for all domains or a particular domain respectively. HTTPs should be used in all cases, to ensure secure communications - protecting data in transport.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 1
- 9
- :
-

- C
- l
- e
- a
- r
- t
- e
- x
- t
-

- T
- r
- a
- n
- s
- m
- i
- s
- s
- i
- o
- n
-

- o
- f
-

- S
- e
- n
- s
- i
- t
- i
- v
- e
-

- I
- n
- f
- o
- r
- m
- a
- t
- i
- o
- n
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures

Assistant

Responses are generated using AI and may contain mistakes.

twitter linkedin

Powered by Mintlify