Improper Certificate Validation in Sequelize Connection
Description
The Sequelize connection options indicate that TLS certificate validation of the database server is disabled. Against an active attacker this is equivalent to not having TLS at all: the attacker can present any invalid certificate (self-signed, expired, or issued for another host) and Sequelize will still open the database connection, ignoring the certificate errors. This setting makes the connection susceptible to man-in-the-middle (MITM) attacks, allowing credentials and query data to be read or altered in transit.
Examples
Insecure Code
```javascript
const { Sequelize } = require('sequelize');

// Insecure: the server certificate is never verified, so any certificate is accepted
const sequelize = new Sequelize('database', 'username', 'password', {
  host: 'localhost',
  dialect: 'mysql',
  dialectOptions: { ssl: { rejectUnauthorized: false } },
});
```
Secure Code
```javascript
const { Sequelize } = require('sequelize');

// Secure: the driver rejects the connection unless the server certificate validates
const sequelize = new Sequelize('database', 'username', 'password', {
  host: 'localhost',
  dialect: 'mysql',
  dialectOptions: { ssl: { rejectUnauthorized: true } },
});
```
Remediation
Enable TLS certificate validation by setting `rejectUnauthorized` to `true` in the `dialectOptions.ssl` object.
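The following is an added example, not part of this rule page or of Sequelize itself: a small audit helper that inspects the options object passed to `new Sequelize(...)` and reports configurations that disable server certificate validation. It assumes the `dialectOptions.ssl` shape shown above, which the `mysql`/`mysql2` and `pg` drivers forward to Node's `tls.connect`; it also flags a `checkServerIdentity` override, because replacing that callback silently disables hostname verification even when `rejectUnauthorized` is `true`. The sample option objects and the `ca` placeholder are constructed for illustration; no real credentials or certificates are involved, and the `sequelize` package is not required so the code runs offline.

```javascript
// Audit a Sequelize options object for TLS settings that defeat certificate
// validation (CWE-295). Added example, not Sequelize's own API.

/**
 * Inspect the 4th argument to `new Sequelize(...)` and return findings.
 * @param {object} options - Sequelize constructor options
 * @returns {{ level: 'high' | 'warn', message: string }[]}
 */
function auditSequelizeTls(options) {
  const findings = [];
  const ssl = options && options.dialectOptions && options.dialectOptions.ssl;

  if (ssl === undefined || ssl === false) {
    findings.push({ level: 'warn', message: 'no TLS configured in dialectOptions.ssl' });
    return findings;
  }
  if (ssl === true) {
    // `ssl: true` requests TLS with the driver's default (verifying) behaviour
    return findings;
  }
  if (ssl.rejectUnauthorized === false) {
    findings.push({
      level: 'high',
      message: 'dialectOptions.ssl.rejectUnauthorized is false: certificate errors are ignored',
    });
  }
  if (typeof ssl.checkServerIdentity === 'function') {
    // A custom checkServerIdentity usually returns undefined to skip hostname checks
    findings.push({
      level: 'high',
      message: 'dialectOptions.ssl.checkServerIdentity is overridden: hostname verification may be bypassed',
    });
  }
  return findings;
}

/** True when no finding would let an invalid certificate be accepted. */
function isCertificateValidationEnabled(options) {
  return auditSequelizeTls(options).every((f) => f.level !== 'high');
}

// Constructed sample configurations (placeholder values, not real deployments)
const insecureOptions = {
  host: 'localhost',
  dialect: 'mysql',
  dialectOptions: { ssl: { rejectUnauthorized: false } },
};

const secureOptions = {
  host: 'localhost',
  dialect: 'mysql',
  dialectOptions: {
    ssl: {
      rejectUnauthorized: true,
      // Placeholder: PEM of the CA that issued the database server certificate
      ca: '-----BEGIN CERTIFICATE-----\n<placeholder>\n-----END CERTIFICATE-----',
    },
  },
};

const hostnameBypassOptions = {
  host: 'localhost',
  dialect: 'postgres',
  dialectOptions: {
    ssl: { rejectUnauthorized: true, checkServerIdentity: () => undefined },
  },
};

for (const [name, opts] of Object.entries({ insecureOptions, secureOptions, hostnameBypassOptions })) {
  console.log(name, isCertificateValidationEnabled(opts) ? 'OK' : 'FAIL', auditSequelizeTls(opts));
}
```

If the database server uses a certificate from a private CA, keeping `rejectUnauthorized: true` and supplying that CA's PEM through the `ca` field (as in `secureOptions`) is the fix; lowering `rejectUnauthorized` to `false` to silence a chain error recreates exactly the weakness this rule detects.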
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0363 |
| Category | Crypto |
| Severity | HIGH |
| CWE | CWE-295 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | TLS, Certificate Validation, MITM |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |