Json Anonymous Authentication Enabled

Description

Detects when anonymous authentication is enabled in the 'iisSettings' section of an ASP.NET Core project's launchSettings.json, which could allow unauthorized users to reach the application without proper authentication. This configuration weakness may expose sensitive endpoints or resources to unauthenticated users.

Weakness:

056 - Anonymous connection

Category: Access Subversion

Detection Strategy

    Scans launchSettings.json configuration files in ASP.NET Core projects

    Looks for 'iisSettings' configuration section in the JSON file

    Checks if anonymous authentication is explicitly enabled in the IIS configuration

    Reports a vulnerability if anonymous authentication is configured to be enabled
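The detection strategy above, implemented as an added example (not the scanner's own code): the launchSettings.json contents are constructed samples, and 'iisSettings.anonymousAuthentication' is the key the standard ASP.NET Core project templates generate.

```python
import json
from typing import List

# Constructed sample: the shape the ASP.NET Core templates generate, with
# anonymous authentication explicitly enabled (the finding this rule reports).
VULNERABLE_LAUNCH_SETTINGS = """
{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:5000",
      "sslPort": 44300
    }
  },
  "profiles": {}
}
"""

# Constructed sample: same file with anonymous access disabled and Windows
# authentication required instead.
HARDENED_LAUNCH_SETTINGS = """
{
  "iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": false,
    "iisExpress": { "applicationUrl": "http://localhost:5000", "sslPort": 44300 }
  },
  "profiles": {}
}
"""


def find_anonymous_auth(text: str, path: str = "launchSettings.json") -> List[str]:
    """Return one finding per detected issue, following the four strategy steps."""
    try:
        data = json.loads(text)  # step 1: parse the launchSettings.json content
    except json.JSONDecodeError as exc:
        # Files with JSON comments (tolerated by Visual Studio) land here;
        # report rather than silently pass them.
        return [f"{path}: not valid JSON ({exc.msg} at line {exc.lineno})"]
    iis = data.get("iisSettings") if isinstance(data, dict) else None
    if not isinstance(iis, dict):
        return []  # step 2: no IIS section, nothing to check
    # step 3: only an explicit JSON true counts as "explicitly enabled"
    if iis.get("anonymousAuthentication") is True:
        return [f"{path}: iisSettings.anonymousAuthentication is true"]  # step 4
    return []


def scan_file(path: str) -> List[str]:
    """Convenience wrapper to run the check against a file on disk."""
    with open(path, encoding="utf-8") as fh:
        return find_anonymous_auth(fh.read(), path)
```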

Vulnerable code example

// ASP.NET Core Startup.cs
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    // Vulnerable: Not enforcing HTTPS redirect despite having SSL port configured
    app.UseRouting();
    
    // Missing app.UseHttpsRedirection() makes the app accept insecure HTTP traffic
    ...

✅ Secure code example

// ASP.NET Core Startup.cs
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    // Secure: Force HTTPS for all requests since SSL is configured
    app.UseHsts();
    app.UseHttpsRedirection();
    
    app.UseRouting();
    ...