Nifcloud DNS Has Verified Record

  • Query id: a1defcb6-55e8-4511-8c2a-30b615b0e057
  • Query name: Nifcloud DNS Has Verified Record
  • Platform: Terraform
  • Severity: High
  • Category: Insecure Configurations
  • URL: Github

Description

Removing verified record of TXT auth the risk that If the authentication record remains, anyone can register the zone
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "nifcloud_dns_record" "positive" {
  zone_id = nifcloud_dns_zone.example.id
  name    = "test.example.test"
  type    = "TXT"
  ttl     = 300
  record  = "nifty-dns-verify=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "nifcloud_dns_record" "negative" {
  zone_id = nifcloud_dns_zone.example.id
  name    = "test.example.test"
  type    = "TXT"
  ttl     = 300
  record  = "negative"
}