AuraInspector: Auditing Salesforce Aura for Data Exposure
Mandiant
Written by: Amine Ismail, Anirudha Kanodia

Introduction

  • Mandiant is releasing AuraInspector, a new open-source tool designed to help defenders identify and audit access control misconfigurations within the Salesforce Aura framework.
  • Salesforce Experience Cloud is a foundational platform for many businesses, but Mandiant Offensive Security Services (OSS) frequently identifies misconfigurations that allow unauthorized users to access sensitive data including credit card numbers, identity documents, and health information.
  • These access control gaps often go unnoticed until it is too late.
  • This post details the mechanics of these common misconfigurations and introduces a previously undocumented technique using GraphQL to bypass standard record retrieval limits.
  • To help administrators secure their environments, we are releasing AuraInspector, a command-line tool that automates the detection of these exposures and provides actionable insights for remediation.
  • Aura is a framework used in Salesforce applications to create reusable, modular components.

Article Summaries:

  • Mandiant has released AuraInspector, an open-source command-line tool that scans Salesforce Experience Cloud (Aura) applications for access-control misconfigurations that can expose sensitive data such as credit card numbers, identity documents, and health records. The tool automates detection of common gaps in sharing rules and identifies vulnerabilities that allow unauthorized users to retrieve data through Aura endpoints. Mandiant also documented a new GraphQL technique that bypasses standard record-retrieval limits, highlighting how attackers can exploit poorly configured Aura methods. AuraInspector provides administrators with actionable insights to remediate these exposures and strengthen Salesforce security.

Sources: