Abstract:
The program is configured not to generate an exception when it fails to write to an audit log.
Explanation:
If WCF is configured not to throw an exception when it is unable to write to an audit log, the program will not be notified of the
failure and auditing of critical security events may not occur.
Example 1: The <behavior/> element of the WCF configuration file below instructs WCF to not notify the application when
WCF fails to write to an audit log.
<behaviors>
<serviceBehaviors>
<behavior name="NewBehavior">
<serviceSecurityAudit auditLogLocation="Application"
suppressAuditFailure="true"
serviceAuthorizationAuditLevel="Success"
messageAuthenticationAuditLevel="Success" />
</behavior>
</serviceBehaviors>
</behaviors>
Recommendations:
Configure WCF to notify the program whenever it is unable to write to an audit log. The program should have an alternative
notification scheme in place to alert the organization that audit trails are not being maintained.
Web.config, line 80 (WCF Misconfiguration: Insufficient Audit Failure Handling)
Fortify Priority: Low Folder Low
Kingdom: Environment
Abstract: The program is configured on line 80 of Web.config not to generate an exception
when it fails to write to an audit log.
Sink: Web.config:80 null()
78 <serviceBehaviors>
79 <behavior name="">
80 <serviceSecurityAudit auditLogLocation="Default" suppressAuditFailure="false"
serviceAuthorizationAuditLevel="SuccessOrFailure"
messageAuthenticationAuditLevel="SuccessOrFailure" />
81 <serviceThrottling maxConcurrentCalls="20" maxConcurrentSessions="20"
maxConcurrentInstances="20" />
82 </behavior>