Findings

Undocumented HTTP status code

Updated: July 4, 2025

Description

Severity: Low

The response carries an HTTP status code that is not declared for that operation in the API schema.

Systems that log and monitor HTTP status codes for performance or error tracking might not recognize undocumented status codes, resulting in incomplete or inaccurate monitoring data. Clients written against the schema may also mishandle a code they were never told to expect. More importantly, an undocumented code is usually a sign that the request reached a code path the API designers did not anticipate, which is why it is worth investigating even when the code itself looks harmless.

Example Attack

An attacker targets an API endpoint (e.g., /auth/login) whose documentation lists 200 OK (success), 401 Unauthorized (invalid credentials), and 429 Too Many Requests (rate limiting). By sending malformed requests, the attacker triggers an undocumented 499 Client Closed Request response (a non-standard code; nginx uses 499 internally to log a client that closed the connection before the response was sent) whose body includes sensitive debugging information, such as stack traces or file paths. This disclosure helps the attacker gather internal details about the server, enabling further exploitation.

Remediation

Document every status code each operation can return in the API schema (for OpenAPI, under the operation's responses object). Then make the implementation match the documentation: route unexpected exceptions through a single error handler that returns a documented code (typically 500) with a generic body, so that no undocumented code or debugging detail can reach the client.
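The following is an added example, not code from the original page or from the scanner it documents. It implements the check this finding describes (an observed status code compared against the schema) and shows the remediation side, a schema that declares its codes. The OpenAPI fragment and the traffic sample are constructed for illustration, modelled on the /auth/login example above; the function names are my own. It handles two OpenAPI 3 features a naive check misses: range keys such as 5XX, and the default response that covers every code not listed explicitly.

```python
"""Compare observed HTTP status codes with the responses declared in an OpenAPI 3 schema."""
from __future__ import annotations

# Constructed OpenAPI 3 fragment (not a real API). Only the response
# documentation matters here, so request bodies and schemas are omitted.
SPEC = {
    "openapi": "3.0.3",
    "paths": {
        "/auth/login": {
            "post": {
                "responses": {
                    "200": {"description": "Login succeeded"},
                    "401": {"description": "Invalid credentials"},
                    "429": {"description": "Rate limited"},
                },
            },
        },
        "/health": {
            "get": {
                "responses": {
                    "200": {"description": "OK"},
                    # OpenAPI 3 range key: documents every 5xx code at once
                    "5XX": {"description": "Backend unavailable"},
                    # 'default' documents every code not listed explicitly
                    "default": {"description": "Any other response"},
                },
            },
        },
    },
}


def documented_responses(spec: dict, path: str, method: str) -> dict:
    """Return the responses object for an operation, or raise KeyError if absent."""
    operation = spec.get("paths", {}).get(path, {}).get(method.lower())
    if operation is None:
        raise KeyError(f"{method.upper()} {path} is not in the schema")
    return operation.get("responses", {})


def is_documented_status(spec: dict, path: str, method: str, status: int) -> bool:
    """True if the schema declares this status for the operation.

    Checks, in order: the exact code ("401"), the OpenAPI range key for its
    class ("4XX"), and the catch-all "default" response.
    """
    responses = documented_responses(spec, path, method)
    code = str(status)
    if code in responses:
        return True
    if f"{code[0]}XX" in responses:
        return True
    return "default" in responses


def find_undocumented(spec: dict, observed) -> list[dict]:
    """Run the check over (method, path, status) tuples and return one finding per miss."""
    findings = []
    for method, path, status in observed:
        try:
            documented = is_documented_status(spec, path, method, status)
        except KeyError:
            findings.append({"method": method, "path": path, "status": status,
                             "reason": "operation not in schema"})
            continue
        if not documented:
            findings.append({"method": method, "path": path, "status": status,
                             "reason": "status not in schema"})
    return findings


# Constructed traffic sample: what a scanner or proxy might have recorded.
OBSERVED = [
    ("POST", "/auth/login", 200),  # documented
    ("POST", "/auth/login", 401),  # documented
    ("POST", "/auth/login", 499),  # the non-standard code from the example attack
    ("GET", "/health", 503),       # covered by the 5XX range key
    ("GET", "/health", 418),       # covered by 'default'
    ("POST", "/auth/login", 500),  # a real server error nobody documented
]

if __name__ == "__main__":
    for finding in find_undocumented(SPEC, OBSERVED):
        print(f"{finding['method']} {finding['path']} -> {finding['status']}: {finding['reason']}")
```

Note the trade-off the /health operation illustrates: a blanket default response silences this finding for every code, but it does not make the behaviour well defined. The remediation above is to enumerate the codes an operation actually returns and to constrain the implementation to them; default is best reserved for a documented generic error response rather than used as a way to pass the check.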
