Functionality Abuse
Supply Chain Attack - Terraform
Description Terraform dependencies are not pinned, allowing a malicious actor to override the used components with malicious components without leaving a trace. Impact Override dependencies or components with malicious content. Recommendation Use ...
Supply Chain Attack - Docker
Description Docker dependencies are not pinned to an exact digest, making the Docker build unable to verify the integrity of the image and allowing a malicious actor to override the used components with malicious components without leaving a trace. ...
Inappropriate coding practices - Transparency Conflict
Description The application uses Transparency attributes such as SecurityCriticalAttribute and SecuritySafeCriticalAttribute to identify code that performs critical security operations. However, a transparency conflict is created when a member is ...
Insecure service configuration - DocumentBuilderFactory
Description DocumentBuilderFactory is insecurely configured, which makes it susceptible to XXE attacks. Impact - Read confidential information. - Execute commands on the server. Recommendation Securely configure DocumentBuilderFactory. Threat ...
Symmetric denial of service - FTP
Description The server crashes when multiple requests are sent to the Configuration and Programming Reverse Homologation functionality, which takes time to process the information when the request is made with the selected SFTP (SSH) protocol, ...
Symmetric denial of service - SMTP
Description The server crashes with multiple requests to the SMTP service that is responsible for testing the sending of emails, since the txtEmail attribute does not validate the number of emails or characters that can be entered. Impact Cause a ...
Insecure service configuration - Non Masked Variables
Description It is possible to bypass the masking of environment variables when they are printed in the job logs, so sensitive data such as passwords, tokens and users, among others, is exposed. This is possible because production secrets are ...
Insecure service configuration - Task Hijacking
Description One of the activities in the application manifest is configured with launchMode=singleTask. This configuration is insecure because it opens the possibility that the application is vulnerable to Task Hijacking. Impact - Mislead the user ...
Insecure service configuration - BREACH Attack
Description The site meets the conditions that make it potentially vulnerable to BREACH attacks: - Uses HTTP gzip compression. - The information entered by the user is reflected on the site. - It stores secrets (session tokens or anti-CSRF). Impact ...
Insecure service configuration - Request Validation
Description No requestValidationMode is assigned in the server configuration files, which would allow XSS attacks. Impact Obtain sensitive information through XSS attacks. Recommendation Activate recommended protection mechanisms such as Request ...
Insecure service configuration - Salt
Description Salt is generated in an insecure way, which makes the password easier to guess. Impact Obtain valid credentials through dictionary attacks. Recommendation Generate the Salt with a secure hashing function. Threat Anonymous attacker from ...
Insecure service configuration - Bucket
Description The native S3 VersioningConfiguration resource, which allows preserving, recovering and restoring each version of each object stored in the buckets after events such as malicious user actions or application failures, is not enabled. ...
Insecure service configuration - IAM
Description In compliance with the different security standards for cloud computing such as ISO 27017 and NIST SP 800-144, no sensitive information should be stored among the information that is uploaded to the cloud, as this may result in data ...
Insecure service configuration - EC2
Description Some EC2 instances have insecure configurations that an attacker can use to access or interrupt critical application processes. Impact Compromise the security of one or several EC2 instances. Recommendation Perform a hardening process over ...
Insecure functionality - User management
Description It is possible to assign non-users as treatment managers of vulnerabilities; this will send an email with the information of the vulnerabilities even if the email is not registered on integrates. Even if the user has been removed from all ...
Insecure service configuration - LDAP
Description Internal service information should not be stored in the source code, especially AD configurations, as it is obtained from the admon-chanel configuration file. Impact Use these insecure service configurations to gain access to the AD and ...
Insecure service configuration - Roles
Description The definition of roles does not correctly represent the different aspects of responsibilities for the security levels of the organization. Impact Detect authorization vulnerabilities, recognizing when a role can access a page that should ...
Improper resource allocation - Memory leak
Description The system may not be able to release inbound and outbound flow resources that have been opened, because they are not explicitly closed within the source code. Impact Exhaust server resources. Recommendation Outflows must be explicitly ...
Improper resource allocation - Buffer overflow
Description Within the code there are unsafe statements that can affect the performance and response time of the application. See https://rules.sonarsource.com/java/RSPEC-1149?search=stringbuffer for more information. Impact Affect application ...
Insecure service configuration - CloudDB
Description Sensitive information stored in the source code. It is determined that non-JSON Apache Lucene queries are enabled on the Cloudant database server. Impact Obtain information from the logs in the database, which in turn contain sensitive ...
Insecure service configuration - DB
Description The database server has insecure configurations. Impact Access the database and exploit vulnerabilities in the system configuration to affect the service. Recommendation Correctly configure the MySQL server. Threat Internet user with ...
Insecure service configuration - Certificates
Description Due to a misconfiguration of X.509 certificates, the application can accept invalid certificates, making it possible to carry out man-in-the-middle attacks. Impact Execute man-in-the-middle attacks. Recommendation Throw typed exceptions ...
Insecure service configuration - Signatures
Description The application is signed with a V1 signing scheme, which makes it vulnerable to the Janus vulnerability in Android. Impact Prepend a malicious DEX file to an APK file, without affecting its signature. Recommendation Securely configure ...
Enabled default configuration
Description The server's default page is enabled, which allows an attacker to access it and obtain relevant technical information about the server. Impact Obtain technical information from the application that can be used to augment the attack vector. ...
Inappropriate coding practices - Performance
Description Within the code there are unsafe statements using a lot of machine resources, which affects the performance and response time of the application. Early Java API classes, such as Vector, Hashtable and StringBuffer, were synchronized to ...
Insecure functionality - Session management
Description It is possible to modify the expiration time of an expired session token, making it possible to make the token functional again and continue to query the application. Impact Perform queries to the application with an expired token (JWT). ...
Insecure service configuration - OTP
Description The OTP mock is still enabled in the application. Impact - Attacker with information from a user of the application gets to the point where the OTP is requested. - Enters default OTP and successfully logs in to the application. ...
Insecure service configuration - Key pair
Description The credentials used to access the key pair are the same as those used to access the keystore. Good practices with respect to containers recommend that they be different, so that if one is compromised, both are not. keytool -genkey, -keyalg ...
Insecure service configuration - App Transport Security
Description The NSAppTransportSecurity function has the NSAllowsArbitraryLoads option enabled which allows insecure (HTTP) connections to the application. Good security practices state that insecure connections from the app to external servers should ...
Insecure exceptions - NullPointerException
Description The code uses functions that _catch_ NullPointerException, which can cause unexpected behavior in the system. Impact - Decrease application performance. - Cause a possible denial of service. Recommendation The _catch_ to ...
Insecure functionality - Fingerprint
Description The application allows unsolicited user data updates. Impact Update and consult information related to the user. Recommendation Make sure that the fields to be updated are the same as those requested from the user. Threat Authenticated ...
Insecure functionality - Masking
Description The system is not masking the data in the request and/or response, allowing sensitive and confidential information to be known. Impact Become aware of sensitive and/or confidential user information. Recommendation The system sends ...
Insecure functionality - Password management
Description It is possible to change the access password to a user's application from a different user's session. Impact Change the password to access the application of one user from another user's session. Recommendation Limit the permissions ...
Insecure functionality - File Creation
Description For an authenticated user with a profile that restricts certain functions, the restriction is performed on the front end by disabling the corresponding button, which can be bypassed and the query is processed when it is sent. Impact ...
Insecure service configuration - Webview
Description The application enables the use of JavaScript through the method setJavaScriptEnabled which is disabled by default. This practice increases the chances for an attacker to exploit XSS vulnerabilities. Impact Obtain or edit information ...
Excessive Privileges - Kubernetes
Description The Kubernetes default configuration is overly permissive, allowing users to escalate privileges or execute commands as privileged users. Impact Gain total control over one or more pods. Recommendation Set strict security policy disabling ...
Insecure Binary compilation
Description The binary for the iOS platform has been compiled without the Stack Smashing Protector (SSP) and Automatic Reference Counting (ARC) flags, which provide protection against Stack Overflow attacks and memory corruption. Impact Overwrite ...
Lack of protection against deletion - DynamoDB
Description The current configuration has no protection against deletion (recovery points in time). The deletion of DynamoDB instances deletes the information without the possibility of recovery. Impact Delete a DynamoDB instance by mistake or ...
Lack of protection against deletion - ELB
Description The current configuration of Elastic Load Balancing has no Deletion Protection safety feature enabled. Impact - AWS load balancers can be accidentally deleted. - Load-balanced environments remain unsafe. - Intentional or accidental ...
Lack of protection against deletion - EC2
Description Instances do not have the termination/removal protection option enabled. Impact - Delete or terminate instances by accident. - Loss of EBS data. Recommendation Ensure that instances have Termination Protection safety feature enabled. ...