Information Exposure Through External Request

ID

python.information_exposure_through_external_request

Severity

low

Resource

Information Leak

Language

Python

Tags

CWE:201, NIST.SP.800-53, OWASP:2021:A4

Description

Sensitive information leakage through external requests.

Rationale

Sensitive information exposure through external requests occurs when data such as usernames, passwords, session tokens, health or financial identifiers, or other confidential information is placed in a request sent to a system outside the application's trust boundary.

This often happens when developers do not minimize, redact, or encrypt the data adequately before transmitting it across that boundary, so the remote party (and anything on the network path) receives more than it needs.

Here’s a simple illustration:

import requests

BASE_URL = "http://example.com/api"  # plain HTTP: nothing protects the payload in transit

def with_requests(medical_id: str):
    json_data = {"medical_id": medical_id}  # sensitive identifier copied verbatim into the body
    response = requests.post(BASE_URL, json=json_data) # FLAW: sensitive source reaches an external sink
    print(f"Response Code: {response.status_code}")

In this example the sensitive value (`medical_id`, the source) flows unchanged into the body of a request to an external endpoint (the sink), which is what the detector reports. Because the endpoint is plain HTTP, anyone positioned on the network path can read the identifier. Even when HTTPS is used, the remote service, intermediate proxies, or the application's own request logging may still record the value, so transport encryption alone does not close the finding.

Remediation

To remediate the exposure of sensitive information through external requests, adopt the following best practices:

  1. Encrypt Sensitive Data: Use HTTPS to encrypt data in transit, and reject non-TLS endpoints at the point where the request is built. Ensure that sensitive information such as personal data, tokens, or credentials is never sent unencrypted over the network.

  2. Data Minimization and Sanitization: Before the request is built, keep only the fields the remote party actually needs, and redact, pseudonymize, or drop the rest. Never place tokens or identifiers in the URL or query string, since those are recorded in proxy and server access logs even over HTTPS; carry them in headers or the body instead, and mask them in any local logging of the request.

  3. Regular Security Audits: Conduct regular reviews of your codebase with SAST tools to identify potential vulnerabilities, focusing on third-party data exchanges and network requests.

  4. Ensure Compliance: Adhere to relevant compliance standards (such as GDPR, PCI-DSS) that govern how sensitive information should be handled and transmitted.
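The following is an added example (not part of the detector's documentation or the page's own code) that applies steps 1 and 2 to the same data the `with_requests` function above sends. It builds the outbound request instead of sending it so it runs offline; the `SENSITIVE_KEYS` policy list, the HMAC key, and the sample payload are constructed for illustration, and the `build_request`/`check_url` names are hypothetical.

```python
import hashlib
import hmac
import json
from urllib.parse import parse_qsl, urlsplit

# Hypothetical policy: field names whose values must never leave the trust
# boundary in clear form (constructed list for this example).
SENSITIVE_KEYS = {"password", "session_token", "authorization", "medical_id", "ssn"}


class OutboundPolicyError(ValueError):
    """Raised when a request would expose sensitive data."""


def check_url(url: str) -> str:
    """Accept only TLS endpoints, and refuse sensitive fields in the query string.

    Query strings end up in proxy logs and the remote server's access log,
    so even over HTTPS they are the wrong place for tokens or identifiers.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise OutboundPolicyError(f"refusing non-TLS scheme {parts.scheme!r} for {url}")
    for key, _value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in SENSITIVE_KEYS:
            raise OutboundPolicyError(f"sensitive field {key!r} in query string")
    return url


def minimize(payload: dict, allowed: set) -> dict:
    """Data minimization: keep only the fields the remote party actually needs."""
    return {k: v for k, v in payload.items() if k in allowed}


def pseudonymize(value: str, key: bytes) -> str:
    """Replace a direct identifier with an HMAC, so the remote party gets a
    stable handle but cannot recover the identifier (the key stays internal)."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()


def redact_for_log(payload: dict) -> dict:
    """The form of the payload that may be written to local logs."""
    return {k: ("[REDACTED]" if k.lower() in SENSITIVE_KEYS else v)
            for k, v in payload.items()}


def build_request(url: str, payload: dict, allowed: set, hmac_key: bytes) -> dict:
    """Return the outbound request as it would go on the wire.

    The result is what you would hand to requests.post(url, json=body, ...);
    it is returned rather than sent so the policy checks can run offline.
    """
    check_url(url)
    body = minimize(payload, allowed)
    if "medical_id" in body:
        body["medical_id"] = pseudonymize(body["medical_id"], hmac_key)
    return {
        "method": "POST",
        "url": url,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(body, sort_keys=True),
    }


# Constructed sample input: the data the page's with_requests() would send,
# plus a session token that the remote party has no reason to receive.
SAMPLE_PAYLOAD = {"medical_id": "MRN-0042", "session_token": "s3cr3t", "study": "lipids"}
HMAC_KEY = b"example-key-kept-in-a-vault"  # constructed; load from a secret store in practice
REMOTE_NEEDS = {"study", "medical_id"}

if __name__ == "__main__":
    try:
        build_request("http://example.com/api", SAMPLE_PAYLOAD, REMOTE_NEEDS, HMAC_KEY)
    except OutboundPolicyError as exc:
        print("blocked:", exc)
    req = build_request("https://example.com/api", SAMPLE_PAYLOAD, REMOTE_NEEDS, HMAC_KEY)
    print("on the wire:", req["body"])
    print("in the log: ", redact_for_log(SAMPLE_PAYLOAD))
```

Pseudonymization is only appropriate when the remote party needs a consistent handle rather than the identifier itself; if it genuinely needs the raw value, the remaining controls are TLS, minimization of every other field, and redaction in local logs.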

Configuration

The detector has the following configurable parameters:

  • sources, which indicates the source kinds (the categories of sensitive data) to check.

  • neutralizations, which indicates the neutralization kinds (the sanitizers or encodings that are treated as making the data safe to send) to check.

Unless you need to change the default behavior, you typically do not need to configure this detector.

References

  • CWE-201 : Insertion of Sensitive Information Into Sent Data.