
"Mandiant has released AuraInspector, an open-source tool for identifying security issues in Salesforce Experience Cloud. The platform helps administrators detect misconfigurations in the Aura framework that lead to unauthorized access to sensitive data. Mandiant Offensive Security Services regularly identifies serious security issues in Salesforce Experience Cloud implementations. Unauthorized users gain access to credit card numbers, identity documents, and medical data due to incorrect access control settings."
"According to Mandiant, AuraInspector offers more than just detection of standard misconfigurations. The tool includes a previously undocumented technique that uses GraphQL to bypass standard record retrieval limits. This shows how attackers can empty databases, even when basic security is in place. The Aura framework serves as the foundation for Salesforce Lightning Experience and Experience Cloud. It uses a single-page application model in which the front end retrieves information from the backend system via an Aura endpoint."
AuraInspector is an open-source command-line tool that identifies security issues in Salesforce Experience Cloud's Aura framework and detects misconfigurations that enable unauthorized data access. The tool helps administrators and security teams detect incorrect access control settings that expose credit card numbers, identity documents, and medical data. AuraInspector includes a previously undocumented GraphQL technique that bypasses standard record retrieval limits and can allow attackers to drain databases. The tool analyzes the Aura endpoint, calls getConfigData to enumerate backend objects, and attempts aura-enabled methods via the endpoint's message parameter. Scanning can be done externally without login credentials when applicable. AuraInspector is published openly for security teams.
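The pattern the summary describes, a guest (unauthenticated) session first enumerating backend objects through getConfigData and then pulling records in bulk, is something a site owner can watch for in request logs. The following is an added example, not part of the Techzine article or of Mandiant's AuraInspector; the log records, field names (`src`, `user`, `action`, `record_count`) and the short action labels are constructed for illustration and are not Salesforce's own log schema:

```python
"""Heuristic detector for the Aura endpoint abuse pattern described above.

Flags a source address when an unauthenticated ("guest") session either
enumerates backend objects (getConfigData) or retrieves an unusually large
number of records, which is the signature of the bulk-retrieval behaviour
the article mentions. Added example; log format is constructed.
"""
from collections import defaultdict

# Action labels are a simplification of the Aura action descriptors (assumption).
ENUM_ACTIONS = {"getConfigData"}           # backend object enumeration
BULK_ACTIONS = {"getRecords", "graphql"}   # record retrieval, incl. the GraphQL path
BULK_THRESHOLD = 50  # records pulled by one guest source before we raise a finding

# Constructed sample: one source enumerates and then bulk-pulls, one guest source
# makes a normal small request, one authenticated user pulls many records.
SAMPLE_LOG = [
    {"src": "198.51.100.7", "user": "guest", "action": "getConfigData", "record_count": 0},
    {"src": "198.51.100.7", "user": "guest", "action": "graphql",       "record_count": 2000},
    {"src": "203.0.113.5",  "user": "guest", "action": "getRecords",    "record_count": 3},
    {"src": "192.0.2.9",    "user": "alice", "action": "getRecords",    "record_count": 500},
]


def analyze(records, threshold=BULK_THRESHOLD):
    """Return a list of (src, reason) findings for guest sessions only.

    Authenticated users are skipped: their access is governed by their profile
    and is a separate review, whereas guest access is what the article says is
    most often misconfigured.
    """
    enumerating_sources = set()
    records_fetched = defaultdict(int)

    for rec in records:
        if rec["user"] != "guest":
            continue
        if rec["action"] in ENUM_ACTIONS:
            enumerating_sources.add(rec["src"])
        elif rec["action"] in BULK_ACTIONS:
            records_fetched[rec["src"]] += rec.get("record_count", 0)

    findings = []
    for src in sorted(enumerating_sources):
        findings.append((src, "guest session enumerated backend objects via getConfigData"))
    for src, count in sorted(records_fetched.items()):
        if count >= threshold:
            findings.append((src, f"guest session retrieved {count} records (threshold {threshold})"))
    return findings


if __name__ == "__main__":
    for src, reason in analyze(SAMPLE_LOG):
        print(f"{src}: {reason}")
```

Only the source that both enumerated objects and pulled 2000 records is reported; the small guest request and the authenticated user's large pull are not. The threshold is a starting point to tune against a site's normal guest traffic, and a finding is a prompt to review guest profile object and field permissions rather than proof of compromise.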
Read at Techzine Global