    Ats-local

    ATS local networking

    The application’s App Transport Security (ATS) configuration allows local networking, which in some iOS versions is blocked by default in ATS. Consider whether the application requires this in release builds or only for development. Removing it when it is not required follows the principle of least privilege and reduces the attack surface.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - CWE-272: Least Privilege Violation
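
A release-build gate for this finding, as an added example that is not CodeAnt's own rule or code. It assumes the setting in question is Apple's `NSAllowsLocalNetworking` key under `NSAppTransportSecurity` in Info.plist (the page does not name the key); the sample plist, bundle identifier and function names are constructed for illustration.

```python
import plistlib

# Constructed sample Info.plist (not from the page): ATS with local networking enabled.
SAMPLE_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>CFBundleIdentifier</key>
    <string>com.example.demo</string>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsLocalNetworking</key>
        <true/>
    </dict>
</dict>
</plist>
"""

def ats_local_networking_enabled(plist_bytes: bytes) -> bool:
    """Return True if NSAppTransportSecurity sets NSAllowsLocalNetworking to true."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity")
    if not isinstance(ats, dict):
        return False  # no ATS overrides present, platform defaults apply
    return ats.get("NSAllowsLocalNetworking") is True

def check_release_plist(plist_bytes: bytes, configuration: str) -> list:
    """Return findings for one build configuration; only Release builds are gated."""
    findings = []
    if configuration.lower() == "release" and ats_local_networking_enabled(plist_bytes):
        findings.append(
            "NSAppTransportSecurity/NSAllowsLocalNetworking is true in a Release build (CWE-272)"
        )
    return findings

def without_local_networking(plist_bytes: bytes) -> bytes:
    """Return the plist with the local-networking override removed."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity")
    if isinstance(ats, dict):
        ats.pop("NSAllowsLocalNetworking", None)
        if not ats:  # drop the ATS dictionary if nothing else was overridden
            del info["NSAppTransportSecurity"]
    return plistlib.dumps(info)

if __name__ == "__main__":
    for cfg in ("Debug", "Release"):
        print(cfg, check_release_plist(SAMPLE_INFO_PLIST, cfg))
```

Keeping the key only in a Debug-specific Info.plist lets development against local services continue while the Release plist passes the gate.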
