ATS consider pinning
The application's App Transport Security (ATS) configuration does not leverage the built-in public key pinning mechanism. The application should consider leveraging ATS public key pinning so that it only communicates with servers presenting an allow-listed certificate (and public key). By default the device allows a connection whenever the default trust store (CA store) contains a certificate that validates the chain, and that store trusts hundreds of Certificate Authorities. Public key pinning vastly reduces this attack surface by trusting only the keys the application expects.
Likelihood: LOW
Confidence: HIGH
CWE: CWE-296: Improper Following of a Certificate's Chain of Trust
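An Info.plist fragment, added here as an illustration and not part of the rule's own text, showing the ATS pinning keys Apple provides (`NSPinnedDomains` with `NSPinnedCAIdentities`, available from iOS 14). The domain and the SPKI hash values are placeholders; the remediation is to add this block rather than relying on the default `NSAppTransportSecurity` dictionary, which contains no pins.

```xml
<!-- Added example: ATS public key pinning for one API host.
     Without an NSPinnedDomains entry, ATS accepts any chain that
     terminates in the device trust store (the weak default this rule flags).
     The SPKI-SHA256-BASE64 values below are PLACEHOLDERS; derive the real
     ones from the CA certificate you intend to trust:
       openssl x509 -in ca.pem -pubkey -noout \
         | openssl pkey -pubin -outform der \
         | openssl dgst -sha256 -binary | openssl enc -base64
     Pin a backup CA key as well, so a CA rotation does not lock users out. -->
<key>NSAppTransportSecurity</key>
<dict>
    <key>NSPinnedDomains</key>
    <dict>
        <!-- placeholder host; replace with the application's API domain -->
        <key>api.example.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <!-- Pin to CA public keys; leaf pins (NSPinnedLeafIdentities)
                 are stricter but break on every certificate renewal. -->
            <key>NSPinnedCAIdentities</key>
            <array>
                <dict>
                    <key>SPKI-SHA256-BASE64</key>
                    <string>PLACEHOLDER_BASE64_SPKI_SHA256_OF_PRIMARY_CA=</string>
                </dict>
                <dict>
                    <key>SPKI-SHA256-BASE64</key>
                    <string>PLACEHOLDER_BASE64_SPKI_SHA256_OF_BACKUP_CA=</string>
                </dict>
            </array>
        </dict>
    </dict>
</dict>
```

These pins apply only to connections that go through ATS (URLSession and the frameworks built on it); a chain that validates against the trust store but does not contain a pinned key is rejected, so verify against a staging build before shipping.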