Access Subversion
Security controls bypass or absence - Fingerprint
Description It is possible to perform actions that allow circumventing the identification of the customer by means of his fingerprint. Impact - Log in to the allied portal as any user. - Approve or reject a user's transactions. Recommendation Put in ...
Security controls bypass or absence - Reversing Protection
Description The application does not have anti-reverse engineering protections. Sophisticated reverse engineering tools and techniques could bypass weak security controls against reversing protection. Impact - Reveal cryptographic constants and ...
Security controls bypass or absence - Tampering Protection
Description The application has no control to ensure that a third party has not modified and recompiled the application, allowing an attacker to modify and evade validations such as the detection of a root user on the device. Impact Elude application ...
Security controls bypass or absence - Debug Protection
Description Debug protection controls do not cover the wide variety of use models, from internal hardware debug to debugging performance issues of running software. The application is deployed to unauthorized actors with debugging code still ...
Authentication mechanism absence or evasion - Security Image
Description It is possible to eliminate the use of the image and security phrase at user login. Impact Remove image and security phrase which can facilitate other types of attacks. Recommendation Make sure that only one number of an existing image ...
Insecure object reference - User deletion
Description The system does not have protections that prevent the removal of users from the application, leaving it inoperative and affecting its integrity to a high degree. It is even evident that once the user is deleted, the session is not deleted ...
Unrestricted access between network segments - StrictHostKeyChecking
Description The JSch StrictHostKeyChecking configuration is set to no, which means that connections may be made to unknown servers or to servers that have changed their keys; new keys are generated and added by default to the known hosts file. ...
Insecure file upload - Files Limit
Description There is no limit to the number of files that can be uploaded to the system per unit of time, and uploading a new one does not delete the previous one from the server. Impact Upload large numbers of files over the upload limit size one ...
Insecure digital certificates - Chain of trust
Description Due to improper implementation of the TrustManager checkServerTrusted method, methods are created that do not throw a certificate exception when invalid certificates are detected. Thanks to this it is possible to accept any incoming ...
Insecure digital certificates - Lifespan
Description The certificates are valid for more than two years. Impact Increase the chances of the certificate being susceptible to zero-day vulnerabilities. Recommendation Generate a certificate that complies with recommended best practices. Threat ...
Excessive privileges - Mobile App
Description The application defines unnecessary permissions that can be abused by an attacker to perform unauthorized read or write operations on the device. Impact Execute read or write actions that should not be allowed. Recommendation Disable ...
Security controls bypass or absence - Session Invalidation
Description A function is implemented in the application that returns the user's Main from his session code. However, since the source code used in the debugging phase was left in this functionality, if a session code containing the word auto is used, ...
Insecure session management - CSRF Fixation
Description It is possible to generate a CSRF Fixation in the transaction functionality. The Authorization header is the public key, and it is always the same for payment links. An attacker can create a button with the content of a request and trick a user ...
Insecure object reference - Session management
Description It is possible to close active sessions of other users by knowing their e-mail. Impact Close user sessions in the application. Recommendation Validate that the user's email is not altered or replaced by another user's email in the logout ...
Excessive privileges - Wildcards
Description - Privileges are granted with wildcard (*) in critical actions. - Many roles have unnecessary privileges over IAM. - Some write actions allow the use of Wildcards(*). Impact Perform sensitive actions with roles that do not need it. ...
Unrestricted access between network segments - JSch
Description The JSch StrictHostKeyChecking configuration is set to NO, which means that connections can be made to unknown servers or to servers that have changed their keys; new keys are generated and added by default to the known hosts file. ...
Unauthorized access to screen
Description An advisor, through the GLIA application, should not have access to client information. However, the advisor can obtain different client data (without the client being aware of it), simply by logging into the user window and following the ...
Insecure object reference - Data
Description It is possible to access information about other stores, obtain members registered in other stores, modify members and add members from other stores that a user has not been assigned to just by knowing the identifier that differentiates ...
Insecure object reference - Files
Description An unauthorized user can access or manipulate information of other users just by knowing the identifier that differentiates them, since the application does not validate the necessary permissions to access. Impact Access or manipulate the ...
Security controls bypass or absence - Data creation
Description It is possible to bypass the restriction that only allows the creation of four beneficiaries when generating a policy, allowing the generation of multiple beneficiaries associated to a request, affecting the integrity of the data sent. ...
Concurrent sessions control bypass
Description It is possible to bypass concurrent session control by going to any valid URL in the application when the error that there is already a session started appears. Impact Access the application concurrently with the same user, causing loss ...
Authentication mechanism absence or evasion - Azure
Description The system has flaws in its authentication mechanisms or has been configured with one that can be bypassed. Impact - Leave organizations vulnerable to stealthy brute-force attacks. - Allow fraudulent attempts to access users' accounts. ...
Authentication mechanism absence or evasion - JFROG
Description The application functions are accessed without the need to be logged into the server. Impact - Access Artifactory repositories. - Upload files to any repository without authorization. - Delete files from any repository without ...
Authentication mechanism absence or evasion - Redirect
Description An attacker can gain access to the application by knowing a valid username by changing the redirect with which the server responds. Impact - Bypass the authentication process by changing the page redirection and thus gain access to the ...
Insecure session management - Change Password
Description After a password change the session remains open. Impact Keep the control of an account whose session has been compromised. Recommendation The open session must be closed after a password change process. Threat Unauthorized user from the ...
Insecure object reference - Financial information
Description Although the requests for inquiry of expenses and movements associated with a credit card send the encrypted product number, it is possible to make the inquiry from the session of an account other than the one associated with the credit ...
Insecure object reference - Corporate information
Description It is possible to include or modify employee information of third-party companies by uploading an Excel file and changing the payrollNumber. An attacker can initiate a request to upload an Excel file containing information on existing or ...
Insecure object reference - Personal information
Description The system allows bypassing authentication mechanisms and modifying other users information by altering the unique identifiers that distinguish each user. Impact Modify information of other users. Recommendation - Validate that ...
Session Fixation
Description The session cookie doesn't change after a valid login, which allows an attacker to hijack the user's session by setting the user's cookie to one known by the attacker. Impact Hijack a valid user session. Recommendation Invalidate the anonymous ...
Root detection control bypass
Description It is possible to reverse engineer the application and disable detection of rooted devices. Impact Avoid the application's detection of rooted devices. Recommendation Implement an integrity check on the application so that it cannot be ...
Authentication mechanism absence or evasion - BIOS
Description The system lacks an authentication mechanism or has one that can be bypassed. Therefore, an attacker can access system resources by logging into the BIOS. Impact - Access disk information through other systems. - Modify and disable ...
Authentication mechanism absence or evasion - Admin Console
Description Some functions of the application can be accessed without having to be logged into the server. Some only allow you to view and others, to edit some values. Impact - List confidential information in the application. - Edit information in ...
Authentication mechanism absence or evasion - WiFi
Description The system has an old authentication mechanism that can be bypassed and is vulnerable to intrusion. An attacker can gain access to the network and see communication traffic, whether encrypted or not. Impact Set a fragile encryption ...
Authentication mechanism absence or evasion - AWS
Description The system has not been configured with one of the available AWS authentication mechanisms or has one that can be bypassed. Impact Access some of the most critical parts of an information security program. Recommendation Set up the operating ...
Authentication mechanism absence or evasion - OTP
Description During the registration process of a new user, it is necessary to confirm the 6-digit verification code sent to the associated cellular number, however, it is possible to evade this mechanism since this code is not validated, being valid ...
Security controls bypass or absence - Cloudflare
Description It is possible to make requests directly to the server's IP and thus bypass Cloudflare. Impact - Extract technical information that Cloudflare masks and thus expand the attack surface. - Make malicious requests that are rejected by ...
Security controls bypass or absence - Facial Recognition
Description By using the F015 finding to obtain a token, it is possible to bypass facial recognition processes to enter application transactions, and likewise to accept or deny authorizations from a user. Impact - Log in to the allied portal as any ...
Security controls bypass or absence - Emulator
Description The application does not have a control that detects if it is being used in an emulator, allowing a wider surface for reverse engineering. Impact Apply reverse engineering to the application. Recommendation Implement recommended security ...
Security controls bypass or absence - Antivirus
Description It is possible to modify files that disable antivirus and DLP so that protection settings against various attacks are disabled. Impact - Disable antivirus and DLP policies. - Access and modify system information and configurations. ...
Security controls bypass or absence - SSLPinning
Description The application does not define an SSLPinning mechanism or configures it insecurely, allowing an attacker to intercept and manipulate the information that travels through the application. Impact - Intercept data from the app. - Tamper data ...