Insecure direct object references (DOR)

Overview

Insecure direct object references (IDORs) occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass authorisation and access restricted resources.

Business Impact

Increased risk of data breaches, financial loss, and reputational harm. Eroding customer trust and confidence.

Is your Salesforce solution affected by Insecure direct object references (DOR)?

Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.

Scan your solution

Resources

Authorization and Access Control
Broken Access Control
Insecure Direct Object Reference Prevention Cheat Sheet
Authorization Bypass Through User-Controlled SQL Primary Key

Incidence

How common is this issue?

20%

lower

Exposure

How long do organizations remain exposed before fixing the problem?

55%

shorter

Frameworks

Trusted

Secure

Data Security

Sharing and Visibility

A01:2021 – Broken Access Control

Found a mistake?

If you think something is incorrect, missing or misleading please let us know.

Report an error