
VulnMag

Vulnerability Quick Guides


Top vulnerabilities by class:

  • 01 Injection

    Injection occurs when untrusted data is sent to an interpreter (a database, a shell, a template engine, a browser) as part of a command or query. The interpreter cannot tell where the data ends and the command begins, so attacker-chosen input is executed, which can lead to data theft, data destruction or full system compromise. The classic example is SQL injection, where attacker-controlled text is concatenated into a database query.

    E.G. SQL Injection, Cross-Site Scripting, Attacker-Controlled File Names/Paths

    R/M Use parameterised queries and APIs that keep data separate from commands; validate input against an allowlist and encode output for the context it lands in (HTML, SQL, shell). Input validation on its own is defence in depth, not the fix.

  • 02 Broken Access Control

    This vulnerability arises when restrictions on what authenticated users are allowed to do are not enforced on the server. Attackers bypass them to read or modify other users' data or to reach privileged functionality, for example by changing an identifier in a URL, or by browsing straight to an admin page that is merely hidden from the menu rather than protected by an authorization check.

    E.G. Exposure of Sensitive Info, Cross-Site Request Forgery

    R/M Enforce access control server-side on every request, deny by default, grant least privilege, and check that the caller is authorized for the specific object requested, not just for the endpoint.

  • 03 Insecure Design

    This broad category covers flaws in the application's architecture rather than its code. Unlike implementation bugs, a design flaw cannot be fixed by a perfect implementation, because the design itself is what is wrong. Typical causes are missing threat modeling, absent abuse-case analysis, and security bolted on after the fact instead of built in from the start.

    E.G. Error messages and responses that expose sensitive information to an unauthorized actor

    R/M Threat-model the system before building it, write abuse cases alongside use cases, and choose designs that limit what a compromised component can reach.

  • 04 Cryptographic Failures

    This involves missing or misused cryptography that exposes sensitive data in transit or at rest. Examples include weak or obsolete algorithms (MD5, SHA-1, DES, RC4), storing passwords in plain text or with a fast unsalted hash, hard-coding keys in source, and generating keys or tokens from a non-cryptographic random number generator.

    E.G. Hard-coded Passwords, Broken Algorithms, Insufficient Entropy

    R/M Use vetted, current algorithms through well-maintained libraries rather than custom code, derive keys and salts from a cryptographically secure random source, keep keys out of source code, and rotate them.

  • 05 Identification & Authentication Failures

    These vulnerabilities occur when an application fails to confirm that a user is who they claim to be, or loses that assurance after login. Common examples are weak or breached passwords, missing rate limiting that allows credential stuffing and brute force, and session management flaws such as predictable or never-rotated session identifiers.

    E.G. Improper Certificate Validation, Improper Authentication, Session Fixation

    R/M Enforce multi-factor authentication, reject weak and known-breached passwords, rate-limit and lock out repeated failures, and issue a new session identifier on every login.

  • 06 Security Misconfigurations

    This covers a wide range of issues: default accounts and passwords left enabled, unnecessary features, ports or services exposed, overly permissive cloud storage or CORS settings, verbose error messages that reveal stack traces or internal details, and parsers such as XML processors left in an unsafe default configuration. The root cause is usually an environment that was never hardened and is not re-checked as it drifts.

    E.G. XML External Entity (XXE) Reference

    R/M Harden every environment from a repeatable, minimal baseline: remove default credentials and unused services, disable XML external entity processing, return generic error pages, and re-check configuration automatically on each deployment.

  • 07 Software & Data Integrity Failures

    This category covers code and infrastructure that do not protect against integrity violations. Examples include pulling plugins, libraries or modules from untrusted sources, auto-update mechanisms that fetch code without verifying it, CI/CD pipelines that can be tampered with, and deserializing untrusted data with formats that can instantiate arbitrary objects.

    E.G. Unsigned Updates, Insecure Deserialization

    R/M Verify digital signatures and checksums of software and data before using them, pin dependencies and review changes to them, protect the build pipeline, and never deserialize untrusted input with a format that can execute code.

  • 08 Security Logging & Monitoring Failures

    Insufficient logging and monitoring make it hard to detect an attack in progress and to respond to it. Without records of logins, access-control failures and input-validation failures, attackers probe and pivot undetected for months, and forensic reconstruction afterwards has nothing to work from. Logging too much is also a failure: credentials, tokens and personal data written to log files spread to every system that stores or ships those logs.

    E.G. Insufficient Logging, Logging Sensitive Data

    R/M Log security-relevant events with enough context (who, what, when, from where) to reconstruct them, ship logs to a store the attacker cannot modify, alert on suspicious patterns, and redact secrets before they are written.

  • 09 Server-Side Request Forgery (SSRF)

    This vulnerability lets an attacker make the server-side application send requests to destinations of the attacker's choosing. Because the request originates from inside the network, it reaches internal services, cloud metadata endpoints and other resources that are not exposed to the outside, and can be used to read them or to pivot further.

    E.G. Unvalidated User-Supplied URLs

    R/M Validate user-supplied URLs against an allowlist of schemes and hosts, reject destinations that resolve to private, loopback or link-local addresses, do not follow redirects blindly, and route outbound fetches through an egress proxy with its own policy.

  • 10 Vulnerable & Outdated Components

    Applications are built on third-party libraries, frameworks and runtime components. When one of these has a known vulnerability, the application inherits it, and an attacker can often exploit it without touching the application's own code at all. Not knowing what is in use, not tracking advisories, and delaying updates are the usual causes.

    E.G. Unmaintained or Vulnerable Dependencies

    R/M Keep an inventory of every dependency and its version, scan it continuously against vulnerability databases, remove what is unused, prefer maintained projects, and patch promptly.
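Worked example for 02 Broken Access Control. This is an added example, not code from the page: a resource lookup that trusts a client-supplied identifier (an insecure direct object reference) beside one that checks the authenticated principal against the specific object, denies by default, and returns the same error for "missing" and "not yours". The `User` type, the invoice records and the `Forbidden` exception are assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    role: str  # "user" or "admin"


class Forbidden(Exception):
    """Raised for any request the policy does not explicitly allow."""


# Constructed records for the example (not data from the page).
INVOICES = {
    101: {"owner_id": 1, "total": 250},
    102: {"owner_id": 2, "total": 900},
}


def get_invoice_vulnerable(invoice_id: int) -> dict:
    # Trusts the client-supplied identifier: any logged-in user can read any invoice
    # just by changing the number in the URL.
    return INVOICES[invoice_id]


def can_read_invoice(current: User, invoice: dict) -> bool:
    # Deny by default: only the rules listed here grant access.
    if current.role == "admin":
        return True
    return invoice["owner_id"] == current.id


def get_invoice(current: User, invoice_id: int) -> dict:
    # The check is tied to the authenticated principal and to the specific object,
    # and runs on the server for every request, not only when the UI hides a link.
    invoice = INVOICES.get(invoice_id)
    # One error for "does not exist" and "not yours", so the endpoint does not
    # confirm which invoice numbers exist.
    if invoice is None or not can_read_invoice(current, invoice):
        raise Forbidden(f"invoice {invoice_id}")
    return invoice


if __name__ == "__main__":
    alice = User(id=1, role="user")
    print(get_invoice(alice, 101))      # alice owns it
    try:
        get_invoice(alice, 102)          # belongs to user 2
    except Forbidden as exc:
        print("forbidden:", exc)
```

The policy function is deliberately separate from the handler so the same rule can be reused by every endpoint that touches invoices; scattering ad-hoc checks across handlers is how one of them ends up missing.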
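Worked example for 04 Cryptographic Failures. This is an added example, not code from the page: password storage done with a fast unsalted hash beside a salted, slow key derivation (PBKDF2-HMAC-SHA256 from the standard library) with a constant-time comparison, plus a token generator that draws from the OS CSPRNG instead of a seeded PRNG. The iteration count, the stored-hash format and the function names are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import os
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed work factor; raise it as hardware gets faster


def hash_password_insecure(password: str) -> str:
    # Broken: fast and unsalted. Equal passwords give equal hashes, so one crack
    # unlocks every account sharing the password, and precomputed tables apply.
    # (MD5 is the same mistake with a weaker primitive.)
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> str:
    # Per-user salt from the OS CSPRNG, slow key derivation, and a self-describing
    # encoding so the work factor can be raised later without breaking old records.
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return "$".join([
        "pbkdf2_sha256",
        str(PBKDF2_ITERATIONS),
        base64.urlsafe_b64encode(salt).decode("ascii"),
        base64.urlsafe_b64encode(key).decode("ascii"),
    ])


def verify_password(password: str, stored: str) -> bool:
    algo, iterations, salt_b64, key_b64 = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    salt = base64.urlsafe_b64decode(salt_b64)
    expected = base64.urlsafe_b64decode(key_b64)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
    # Constant-time comparison: a plain == returns early on the first differing byte.
    return hmac.compare_digest(candidate, expected)


def make_reset_token() -> str:
    # Insufficient entropy is the other failure in this class: random.random() is a
    # seeded Mersenne Twister whose state can be recovered from its outputs. The
    # secrets module draws from the OS CSPRNG.
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")
    print(stored)
    print(verify_password("correct horse battery staple", stored))
    print(verify_password("Tr0ub4dor&3", stored))
    print(make_reset_token())
```

Because the salt is random, hashing the same password twice yields two different records; that is the property the insecure version lacks.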
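Worked example for 05 Identification & Authentication Failures. This is an added example, not code from the page: a minimal session store that shows session fixation (the pre-authentication session identifier is kept after login) beside the fix (a fresh identifier is issued on login), together with a per-account lockout after repeated failures. The credential table, the thresholds and the injectable clock are assumptions made for the example.

```python
import secrets
import time
from collections import defaultdict
from typing import Callable, Dict, List, Optional

# Constructed credential store for the example (not data from the page); a real
# system would compare against a salted password hash, never a stored plaintext.
CREDENTIALS = {"alice": "s3cret"}


def check_credentials(username: str, password: str) -> bool:
    return CREDENTIALS.get(username) == password


class SessionStore:
    MAX_FAILURES = 5        # failed attempts allowed per account ...
    LOCKOUT_SECONDS = 900   # ... within this window before the account is locked

    def __init__(self, clock: Callable[[], float] = time.monotonic):
        self._sessions: Dict[str, Optional[str]] = {}      # session id -> username
        self._failures: Dict[str, List[float]] = defaultdict(list)
        self._clock = clock   # injectable so lockout timing can be tested offline

    def new_session(self) -> str:
        # 256 bits from the OS CSPRNG; a guessable id would defeat everything below.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = None
        return sid

    def user_for(self, sid: str) -> Optional[str]:
        return self._sessions.get(sid)

    def login_vulnerable(self, sid: str, username: str, password: str) -> Optional[str]:
        # Session fixation: the pre-authentication id is kept after login. An attacker
        # who got the victim to use an id of the attacker's choosing now holds the
        # authenticated session.
        if check_credentials(username, password):
            self._sessions[sid] = username
            return sid
        return None

    def _locked(self, username: str) -> bool:
        now = self._clock()
        recent = [t for t in self._failures[username] if now - t < self.LOCKOUT_SECONDS]
        self._failures[username] = recent
        return len(recent) >= self.MAX_FAILURES

    def login(self, sid: str, username: str, password: str) -> Optional[str]:
        if self._locked(username):
            return None                       # same response as a wrong password
        if not check_credentials(username, password):
            self._failures[username].append(self._clock())
            return None
        self._failures.pop(username, None)
        # Rotate the identifier: drop the pre-auth session and issue a fresh one.
        self._sessions.pop(sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = username
        return new_sid


if __name__ == "__main__":
    store = SessionStore()
    planted = store.new_session()
    print("before login:", planted, store.user_for(planted))
    fresh = store.login(planted, "alice", "s3cret")
    print("after login:", fresh, store.user_for(fresh), store.user_for(planted))
```

Rotating the identifier at every privilege change (login, step-up MFA, password change), not just at first login, is the general form of the rule.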
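Worked example for 07 Software & Data Integrity Failures. This is an added example, not code from the page: an update flow that refuses to use any downloaded file unless a signed manifest vouches for its digest. The standard library has no asymmetric signature primitive, so an HMAC-SHA256 over the manifest stands in for the vendor's digital signature; the key, the manifest layout, the release contents and the function names are all assumptions made for the example.

```python
import hashlib
import hmac
import json

# Assumption: HMAC-SHA256 stands in for a real signature scheme. The verifier holds
# the key; an attacker who can tamper with the download channel does not.
MANIFEST_KEY = b"constructed-example-key-not-a-real-secret"


class IntegrityError(Exception):
    pass


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(manifest: dict) -> bytes:
    # Deterministic encoding so signer and verifier hash exactly the same bytes.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_manifest(manifest: dict, key: bytes = MANIFEST_KEY) -> str:
    return hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()


def verify_manifest(manifest: dict, signature: str, key: bytes = MANIFEST_KEY) -> bool:
    return hmac.compare_digest(sign_manifest(manifest, key), signature)


def verify_artifact(manifest: dict, signature: str, name: str, data: bytes) -> bytes:
    """Return the artifact bytes only if the signed manifest vouches for them."""
    if not verify_manifest(manifest, signature):
        raise IntegrityError("manifest signature invalid")
    expected = manifest.get("files", {}).get(name)
    if expected is None:
        raise IntegrityError(f"{name} is not listed in the manifest")
    if not hmac.compare_digest(sha256_hex(data), expected):
        raise IntegrityError(f"{name} does not match its recorded digest")
    return data


def apply_update(manifest: dict, signature: str, downloads: dict) -> list:
    """Verify every file before any of it is used; one failure aborts the whole update."""
    for name, blob in downloads.items():
        verify_artifact(manifest, signature, name, blob)
    return sorted(downloads)


# Constructed release for the example (not a real project's files).
GOOD_PLUGIN = b"def run():\n    return 'hello'\n"
MANIFEST = {"version": "1.2.0", "files": {"plugin.py": sha256_hex(GOOD_PLUGIN)}}
SIGNATURE = sign_manifest(MANIFEST)


if __name__ == "__main__":
    print(apply_update(MANIFEST, SIGNATURE, {"plugin.py": GOOD_PLUGIN}))
    try:
        apply_update(MANIFEST, SIGNATURE, {"plugin.py": b"def run():\n    return 'tampered'\n"})
    except IntegrityError as exc:
        print("rejected:", exc)
```

The order matters: the digest is compared only after the manifest's signature checks out, otherwise an attacker who replaces the file can replace the digest next to it as well. The same discipline applies to deserialization: data that has not been verified should only ever be loaded with a data-only format such as JSON, never with one that instantiates objects.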
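Worked example for 08 Security Logging & Monitoring Failures. This is an added example, not code from the page: a small detector that parses constructed authentication log lines and raises an alert when one source address fails a threshold of logins inside a sliding window, plus a redaction filter for the other failure in this class, secrets ending up in log lines. The log format, the sample lines, the threshold and the window are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List

# Constructed sample log in a hypothetical key=value format (not from the page).
# Source addresses are from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z auth.login result=failure user=alice src=203.0.113.7
2024-05-01T10:00:09Z auth.login result=failure user=alice src=203.0.113.7
2024-05-01T10:00:20Z auth.login result=failure user=bob src=203.0.113.7
2024-05-01T10:00:31Z auth.login result=success user=carol src=198.51.100.4
2024-05-01T10:00:44Z auth.login result=failure user=alice src=203.0.113.7
2024-05-01T10:01:02Z auth.login result=failure user=carol src=203.0.113.7
2024-05-01T10:01:15Z auth.login result=failure user=dave src=198.51.100.4
2024-05-01T10:01:40Z auth.login result=failure user=alice src=203.0.113.7
2024-05-01T10:30:00Z auth.login result=failure user=dave src=198.51.100.4
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth\.login result=(?P<result>\w+) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_events(text: str) -> List[dict]:
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # a real pipeline counts unparsable lines; dropping them silently is itself a gap
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events


def detect_bruteforce(text: str, threshold: int = 5, window: timedelta = timedelta(minutes=5)) -> List[dict]:
    """Alert once per source address that fails `threshold` logins inside any `window`."""
    failures: Dict[str, List[datetime]] = defaultdict(list)
    for ev in parse_events(text):
        if ev["result"] == "failure":
            failures[ev["src"]].append(ev["ts"])
    alerts = []
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1                      # slide the window forward
            if end - start + 1 >= threshold:
                alerts.append({"src": src, "count": end - start + 1,
                               "first": times[start], "last": times[end]})
                break                           # one alert per source is enough here
    return alerts


SECRET_RE = re.compile(r"\b(password|passwd|token|secret|authorization)=([^\s&]+)", re.IGNORECASE)


def redact(line: str) -> str:
    # Mask credentials before the line is written: logs get copied, shipped and kept
    # far longer than the session they describe.
    return SECRET_RE.sub(lambda m: f"{m.group(1)}=[REDACTED]", line)


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
    print(redact("POST /login user=alice password=hunter2 token=eyJhbGciOi"))
```

The detector keys on the source address, so the spray across alice, bob and carol from 203.0.113.7 is still caught; a per-account counter alone would miss it. Run for real, this logic sits on a log store the application host cannot write to after the fact.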
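Worked example for 09 Server-Side Request Forgery. This is an added example, not code from the page: a validator for user-supplied URLs that restricts the scheme, rejects embedded credentials, optionally enforces a host allowlist, and resolves the host so that every returned address can be checked for private, loopback, link-local and other non-routable ranges. The resolver is injectable; the offline name table, the host names and the addresses in it are assumptions made for the example.

```python
import ipaddress
import socket
from typing import Callable, List, Optional
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # never file://, gopher://, dict:// and friends


class SSRFBlocked(ValueError):
    pass


def resolve_with_dns(host: str) -> list:
    # Production resolver; not used by the offline test below.
    return [ipaddress.ip_address(info[4][0]) for info in socket.getaddrinfo(host, None)]


# Constructed name table so the example runs offline (hypothetical hosts, not real DNS).
FAKE_DNS = {
    "partner.example.com": ["93.184.216.34"],                 # assumed public address
    "metadata.internal": ["169.254.169.254"],                  # cloud metadata range
    "db.corp": ["10.0.0.5"],
    "rebinder.example.net": ["93.184.216.34", "127.0.0.1"],   # one public and one loopback answer
}


def resolve_fake(host: str) -> list:
    if host not in FAKE_DNS:
        raise ValueError(f"cannot resolve {host}")
    return [ipaddress.ip_address(a) for a in FAKE_DNS[host]]


def validate_outbound_url(url: str, resolver: Callable[[str], list] = resolve_with_dns,
                          allowed_hosts: Optional[List[str]] = None) -> str:
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme {parts.scheme!r} not allowed")
    if parts.username or parts.password:
        raise SSRFBlocked("credentials in URL")        # http://trusted.example@127.0.0.1/
    host = parts.hostname                               # lower-cased, brackets stripped for IPv6
    if not host:
        raise SSRFBlocked("no host")
    if allowed_hosts is not None and host not in allowed_hosts:
        raise SSRFBlocked(f"host {host!r} not in allowlist")
    try:
        addresses = [ipaddress.ip_address(host)]        # literal such as 127.0.0.1 or ::1
    except ValueError:
        try:
            addresses = resolver(host)
        except (OSError, ValueError) as exc:
            raise SSRFBlocked(f"{host} did not resolve: {exc}") from exc
    if not addresses:
        raise SSRFBlocked(f"{host} did not resolve")
    # Every answer must be globally routable: a single private, loopback or link-local
    # record is enough for the fetch to land inside the network.
    for ip in addresses:
        if not ip.is_global:
            raise SSRFBlocked(f"{host} resolves to non-public address {ip}")
    return url


if __name__ == "__main__":
    for candidate in ["https://partner.example.com/api",
                      "http://metadata.internal/latest/meta-data/",
                      "http://[::1]/admin",
                      "file:///etc/passwd"]:
        try:
            print("allowed:", validate_outbound_url(candidate, resolver=resolve_fake))
        except SSRFBlocked as exc:
            print("blocked:", candidate, "->", exc)
```

Two caveats the validator cannot cover on its own. Resolving during validation and again when connecting opens a DNS rebinding window, so the HTTP client should connect to the address that was checked. And a redirect from an allowed host to an internal one bypasses everything above, so automatic redirects must be off, with each hop re-validated.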

