Information Collection
Automatic information enumeration - Open ports
Description The security group is configured to open an unnecessarily large range of ports. With a scan it is possible to list the services available on the servers and learn which ones can be consumed. Impact - Scan all the system ports and access the ...
Non-encrypted confidential information - JFROG
Description Confidential information is stored in plain text allowing an attacker to view it without any encryption. Impact - Obtain confidential JFrog user information. - Create, edit and delete JFrog user information. Recommendation Encrypt all ...
Non-encrypted hard drives
Description Disks or hard drives without encryption leave data stored on a computer or network storage system unprotected. Full disk encryption is a great way to protect sensitive customer data. Impact - Access to company sensitive information - ...
Non-encrypted confidential information - Credentials
Description The passwords are in plain text in the source code of the application, allowing an attacker to view them without any encryption. Impact Obtain sensitive information to compromise resources or services Recommendation Verify that sensitive ...
Non-encrypted confidential information - LDAP
Description LDAP service credentials are exposed in plain text in the code. Impact - Access the LDAP service. - Obtain confidential information. Recommendation Use secure encryption methods to encrypt any sensitive information. Threat An attacker ...
Non-encrypted confidential information - AWS
Description AWS credentials are stored in plain text within the source code. Impact - Expose resources, processes and sensitive information that could be compromised. - Copy sensitive information from S3 Buckets. - Remove sensitive information from ...
Non-encrypted confidential information - DB
Description The application stores information from user queries within the database that is stored on the device, allowing an attacker to access the information. Impact Obtain information from user queries. Recommendation Encrypt all sensitive ...
Non-encrypted confidential information - Credit Cards
Description In alignment with the PCI DSS standard, sensitive information regarding payment cards must be masked and encrypted at the user end and at the server end. Impact Obtain credit card information. Recommendation Encrypt all sensitive ...
Technical information leak - Errors
Description It is possible to cause the server to throw errors after analyzing the endpoints with different techniques such as: sending massive requests to the endpoint, sending massive characters in the body of the application. Impact Obtain ...
Technical information leak - API
Description An attacker is able to gather the entire GraphQL API Schema Structure (both queries and mutations). Impact Get the knowledge of the Schema Structure to open a door for more dangerous attacks. Recommendation Disable introspection queries. ...
Technical information leak - Print Functions
Description Technical information is obtained from the application due to the use of print functions (Print, PrintStackTrace, Println, among others) whose outputs are normally shown in the stdout (standard output). In a development environment it is ...
Technical information leak - SourceMap
Description The .map files are exposed, making it easy for a malicious actor to analyze the application. Impact Understand the inner workings of the application to generate new attack vectors. Recommendation Limit access of map files to authorized ...
Technical information leak - Headers
Description It is possible to obtain technical information such as technology names or component versions through the server response headers. Impact Obtain technical information to craft new attack vectors Recommendation Verify that HTTP response ...
Technical information leak - Stacktrace
Description Errors or exceptional events are not properly handled by the application allowing an attacker to disclose technical information from system error traces: Impact Exhibit technical information of the system. Recommendation - Remove ...
Technical information leak - Angular
Description Get technical information about the system, such as: - Angular version (ng-version). Impact Display technical information of the system. Recommendation Disable functionalities that give information about the components used such as names ...
Business information leak - Firestore
Description When attempting to activate a plan, it is evident that the responses to firestore API requests contain user credentials. Impact Obtain credentials from other services. Recommendation Ensure that responses to requests do not contain ...
Business information leak - Power BI
Description Business information is obtained, such as: - Strategic Information - KPIs - Sales Information - Dispatch Information Impact - Obtain strategic business information. - Obtain KPI indicators. - Obtain sales and dispatches information. ...
Business information leak - Analytics
Description Business insights from mobile app usage analytics are obtained via a Swagger URL exposed along with the APIKey. Impact Obtain business information about the analytics of the mobile application. Recommendation According to the ...
Business information leak - NAC
Description An organization can set its own policies for each user with NAC, which can result in too much information that sometimes overloads it. On the other hand, attackers use malicious devices: they install them between a legitimate ...
Business information leak - Personal Information
Description Real user information such as real ID numbers and phone numbers are being stored in the source code. Impact Obtain personal information from the user of the application in order to use it in different attacks such as social engineering, ...
Business information leak - Azure
Description A series of flaws in Azure's service feature created a loophole. This vulnerability could allow users to access other customers' information in the platform. Impact - Lead to compromise the Kubernetes clusters, thus providing attackers with ...
Business information leak - AWS
Description Business information is obtained, such as: - Application flows, script and operation. - User list. - Employee information. - Customer information Through the use of AWS credentials found in plain text in the source code. Impact Gain ...
Business information leak - JFROG
Description Through the credentials obtained in the code, access is obtained to external resources where there are binaries of which, if reverse engineering is applied, it is possible to find information burned in the code, such as access credentials ...
Business information leak - DB
Description From sensitive information stored in the source code, business information is obtained, such as: - Users who have made recent transactions, document number and full name. - Wallet IDs. - Versions and operating system names. - Transaction ...
Business information leak - Users
Description Business information is obtained, such as: - List of valid users. Impact Access to the code to identify that there is insufficiently protected business information. Recommendation According to the classification of the information found, ...
Business information leak - Token
Description Some of the user's information, such as the username/email and full name, is included in the data contained in the session token. Impact Obtain name and emails of users. Recommendation Avoid including sensitive user information in the ...
Business information leak - Redis
Description Due to a misconfiguration of the Redis service, it is possible to connect to the dictionary server and obtain business information by deserializing objects contained in the keys, from which the following can be extracted: - List of users. ...
Business information leak - Network Unit
Description Different network units are used to identify the vulnerabilities present in the organization's network. Impact - Leverage breaches or security bottlenecks to cause a leakage of information. - Collect security event logs from the internal ...
Business information leak - Credit Cards
Description As a result of a misconfiguration in the creditcardId variable, customer credit card data can be seen through the responses to the requests made. Thus, it was possible to obtain business information, such as: - Strategic information. - ...
Business information leak - Source Code
Description Within the source code you get business information, such as: - Employee information. - Customer information. Impact Obtain business information to generate new attack vectors. Recommendation According to the classification of the ...
Business information leak - Repository
Description JFrog Artifactory repositories are accessed, with credentials stored in the source code. Impact Access the repository with credentials obtained in the source code. Recommendation Establish the necessary controls to ensure that the ...
Business information leak - Credentials
Description A leaked account gives attackers instant access to sensitive data or internal systems. It can be used to compromise customer and employee data, financial records, intellectual property and other sensitive information that could leave you at ...
Business information leak - JWT
Description Business information is obtained within the JWT, such as: - Username - Password Impact - Get the username from the JWT. - Get the encrypted password from the JWT. Recommendation Remove the sensitive information from the JWT and manage ...
Missing secure obfuscation - binary
Description An anonymous user from the Internet can extract the .apk of the Android application to decompile the binaries in order to have access to the source code and thus better understand the logic of the application. Impact - Extract the apk ...
Missing secure obfuscation
Description It is possible to obtain source code from the application since it has not been securely obfuscated. This could allow an attacker to understand the inner workings of the application or obtain technical or sensitive information. Impact ...
Use of an insecure channel - Telnet
Description Customer information is transmitted over a channel that does not use encryption, so credentials and confidential information can be captured in plain text. Impact Obtain Telnet credentials after a MitM attack. Recommendation Deploy the ...
Use of an insecure channel - useSslProtocol()
Description The application uses the useSslProtocol() function, which allows the trust manager to trust all server certificates presented to it. This is convenient for local development, but is not recommended for use in production, as it does not ...
Use of an insecure channel - SMTP
Description The configuration of the SMTP service is set to not use SSL, so confidential information traveling by this means can be viewed without any type of encryption. Impact Obtain and modify confidential information sent by SMTP. ...
Use of an insecure channel - FTP
Description Customer information is transmitted over a channel that does not use encryption, so credentials and confidential information can be captured in plain text. Impact Capture user credentials after a MitM attack. Recommendation Deploy the ...
Insecure encryption algorithm - SSLContext
Description An SSLContext object implements the specified secure socket protocol. However, not all protocols are equal and some legacy protocols, such as SSL, have proven to be insecure. Impact Decrypt traffic at the back-end level. Recommendation ...