Directive overloading

firetail:graphql-directive-overloading

Type:

Observation

Rule Severity:

High

The GraphQL endpoint allows excessive duplication of directives in a single query.

This overloading can lead to performance degradation, excessive resource utilization, and potential denial-of-service (DoS) conditions. Because each directive is resolved on every matching field, unrestricted duplication lets a single query consume disproportionate server resources, impacting the availability and responsiveness of the API.

Remediation

Implement a limit on the number of duplicated directives allowed in a single GraphQL query. Update the server configuration, or add query validation middleware, so that queries exceeding the threshold are rejected before they are executed.
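As an added illustration of this remediation (not FireTail's code, and independent of any GraphQL server library), the following Python counts directive occurrences in a query document and rejects it before execution when it exceeds a threshold. The sample queries and the limits of 10 per directive and 25 in total are constructed values to be tuned per API.

```python
# Added example: pre-execution check for directive overloading. It counts every
# @directive in a GraphQL document, skipping comments and string literals so an
# "@" inside a string argument is not miscounted. Thresholds are assumed values.
import re
from collections import Counter

DIRECTIVE_RE = re.compile(r"@([_A-Za-z][_0-9A-Za-z]*)")

def count_directives(document: str) -> Counter:
    """Count @directive occurrences, ignoring comments and string literals.
    (Simplified: an escaped triple quote inside a block string is not handled.)"""
    counts = Counter()
    i, n = 0, len(document)
    while i < n:
        ch = document[i]
        if ch == "#":                              # comment runs to end of line
            end = document.find("\n", i)
            i = n if end == -1 else end
        elif document.startswith('"""', i):       # block string
            end = document.find('"""', i + 3)
            i = n if end == -1 else end + 3
        elif ch == '"':                            # string with backslash escapes
            i += 1
            while i < n and document[i] != '"':
                i += 2 if document[i] == "\\" else 1
            i += 1
        elif ch == "@":
            m = DIRECTIVE_RE.match(document, i)
            if m:
                counts[m.group(1)] += 1
                i = m.end()
            else:
                i += 1
        else:
            i += 1
    return counts

def check_directive_overloading(document, max_per_directive=10, max_total=25):
    """Return (ok, reason); reject when any directive, or the total, exceeds its limit."""
    counts = count_directives(document)
    total = sum(counts.values())
    if total > max_total:
        return False, f"{total} directives in one query exceeds limit of {max_total}"
    for name, c in counts.most_common(1):
        if c > max_per_directive:
            return False, f"@{name} used {c} times exceeds limit of {max_per_directive}"
    return True, "ok"

# Constructed sample queries: a normal one and an overloaded one.
NORMAL_QUERY = """
query Users($full: Boolean!) {
  users { id name @include(if: $full) email @skip(if: false) }
}"""
OVERLOADED_QUERY = "query { users { id " + "@skip(if: false) " * 500 + "} }"
```

Run `check_directive_overloading` in middleware ahead of the executor; the same count can also feed a metric so that spikes in rejected queries are visible to monitoring.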
