Ats-pins
ATS CA pins
ATS-CA-pins
ATS-CA-pins
The application’s App Transport Security (ATS) configuration leverages the in-built public key pinning mechanisms however has pins which are Certificate Authority Identities, rather than Leaf Identities. Trusting a Certificate Authority is much more lenient than trusting a single leaf identity. Consider pinning to leaf identities rather than CA, following the principle of least privelege.
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 7
- 2
- :
-
- L
- e
- a
- s
- t
-
- P
- r
- i
- v
- i
- l
- e
- g
- e
-
- V
- i
- o
- l
- a
- t
- i
- o
- n
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 7
- 2
- :
-
- L
- e
- a
- s
- t
-
- P
- r
- i
- v
- i
- l
- e
- g
- e
-
- V
- i
- o
- l
- a
- t
- i
- o
- n