SYM_CONF_0102 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Azure App Service is missing proper authentication settings, which means users can access the service without verifying their identity. This leaves your app exposed to unauthorized access.
Impact
Without authentication, attackers or unauthorized users could gain access to sensitive resources, modify application data, or disrupt service functionality. This may lead to data breaches, service misuse, or compliance violations.