Yaml Smtp Starttls Disabled
Description
Detects insecure SMTP configurations in Java Spring applications that use port 25 without enforcing STARTTLS encryption. This creates a security risk where email communications could be transmitted in plaintext, potentially exposing sensitive information to network eavesdropping.
Detection Strategy
• Check if there are Spring configuration files that contain SMTP settings
• Verify if the configuration specifies 'smtp' as the protocol
• Confirm if port 25 is explicitly set in the configuration
• Validate that the configuration path matches the expected mail properties structure
• Report a vulnerability if SMTP is configured to use port 25 without STARTTLS protection
Vulnerable code example
spring:
  mail:
    host: smtp.example.com
    port: 25
    username: mailUser
    password: mailPass
    properties:
      mail: ...
✅ Secure code example
spring:
  mail:
    host: smtp.example.com
    port: 587 # Changed from 25 to 587, the standard mail submission port, used with STARTTLS
    username: mailUser
    password: mailPass
    properties:
      mail: ...
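To make the detection strategy above concrete, here is an added example of a small checker that applies it to Spring Boot YAML, using both the vulnerable and the secure configurations from this page as constructed inputs. It is not Fluid Attacks' rule implementation. It assumes the standard Spring Boot property names spring.mail.host / port / protocol (protocol defaults to smtp when absent) and the Jakarta Mail keys mail.smtp.starttls.enable and mail.smtp.starttls.required under spring.mail.properties; it goes one step beyond the page's rule by also reporting when STARTTLS is enabled but not required, since an opportunistic STARTTLS can still be downgraded to plaintext. The YAML parser is a minimal one that handles only the nested "key: value" mappings such files use, and it accepts both the nested and the dotted-key spelling of the properties.

```python
"""Spring Boot YAML mail-settings checker (added example, not the rule's own code)."""
import re

# Constructed samples: the page's vulnerable and secure configurations, with the
# elided "properties" block filled in with the Jakarta Mail STARTTLS keys.
VULNERABLE_YAML = """\
spring:
  mail:
    host: smtp.example.com
    port: 25
    username: mailUser
    password: mailPass
    properties:
      mail:
        smtp:
          auth: true
"""

SECURE_YAML = """\
spring:
  mail:
    host: smtp.example.com
    port: 587 # standard submission port, used with STARTTLS
    username: mailUser
    password: mailPass
    properties:
      mail:
        smtp:
          auth: true
          starttls:
            enable: true
            required: true
"""

# Same secure settings written with dotted keys, as Spring's relaxed binding allows.
SECURE_FLAT_YAML = """\
spring:
  mail:
    host: smtp.example.com
    port: 587
    properties:
      "mail.smtp.starttls.enable": true
      "mail.smtp.starttls.required": true
"""

TRUE_VALUES = {"true", "yes", "on"}


def parse_simple_yaml(text):
    """Parse indentation-based 'key: value' mappings into nested dicts.

    Full-line and trailing '# comments' are dropped. Sequences, anchors and
    multi-line scalars are not supported (they do not occur in mail settings).
    """
    root = {}
    stack = [(-1, root)]  # (indent level, mapping being filled)
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip(" "))
        key, _, value = line.strip().partition(":")
        key = key.strip("'\"")
        value = value.strip().strip("'\"")
        while indent <= stack[-1][0]:  # climb back out to the enclosing mapping
            stack.pop()
        parent = stack[-1][1]
        if value == "":
            parent[key] = {}
            stack.append((indent, parent[key]))
        else:
            parent[key] = value
    return root


def flatten(tree, prefix=""):
    """Turn nested dicts into {'a.b.c': value}; dotted keys flatten to the same path."""
    flat = {}
    for key, value in tree.items():
        path = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            flat.update(flatten(value, path))
        else:
            flat[path] = value
    return flat


def check_smtp_starttls(yaml_text):
    """Return a list of findings; empty when the mail settings are acceptable."""
    props = flatten(parse_simple_yaml(yaml_text))
    if not any(k.startswith("spring.mail.") for k in props):
        return []  # file carries no Spring mail settings
    protocol = props.get("spring.mail.protocol", "smtp").lower()  # Spring Boot default
    port = props.get("spring.mail.port", "")
    base = "spring.mail.properties.mail.smtp.starttls."
    enabled = props.get(base + "enable", "false").lower() in TRUE_VALUES
    required = props.get(base + "required", "false").lower() in TRUE_VALUES
    findings = []
    if protocol == "smtp" and port == "25" and not enabled:
        findings.append("spring.mail.port is 25 and mail.smtp.starttls.enable is not true: "
                        "mail is relayed in plaintext")
    elif protocol == "smtp" and enabled and not required:
        findings.append("mail.smtp.starttls.enable is true but mail.smtp.starttls.required "
                        "is not: the session can still be downgraded to plaintext")
    return findings


if __name__ == "__main__":
    for name, sample in [("vulnerable", VULNERABLE_YAML), ("secure", SECURE_YAML),
                         ("secure (dotted keys)", SECURE_FLAT_YAML)]:
        print(name, "->", check_smtp_starttls(sample) or "no findings")
```

Running the module prints one finding for the vulnerable configuration and none for either spelling of the secure one; the checker stays silent on files that carry no spring.mail settings at all, matching the first step of the detection strategy.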