Vulnerability Index
From Guidance Share
Authentication
- Weak passwords
- Clear text credentials in configuration files
- Passing clear text credentials over the network: attackers can monitor the network to steal authentication credentials and spoof identity
- Over-privileged accounts
- Long authentication ticket sessions
- Mixing personalization with authentication: personalization data is suited to persistent cookies, authentication tickets are not
Authorization
- Reliance on a single gatekeeper
- Failing to lock down system resources against application identities
- Failing to limit database access to specified stored procedures
- Inadequate separation of privileges
Auditing and Logging
- Failing to audit failed logons
- Failing to secure audit files
- Failing to audit across application tiers
Configuration Management
- Insecure administration interfaces
- Insecure configuration stores
- Clear text configuration data
- Too many administrators
- Over-privileged process accounts and service accounts
Cryptography
- Using custom cryptography
- Using the wrong algorithm or too small a key size
- Failing to secure encryption keys
- Using the same key for a prolonged period of time
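The first and fourth items above deserve a concrete illustration. The following is an added example, not code from the Guidance Share page: a repeating-key XOR "cipher" of the kind that turns up in home-grown code, broken two ways. A few bytes of known plaintext (a fixed record header) give back the whole key, and because the same key protects every message, XORing two ciphertexts cancels the key entirely. The key, messages and record format are constructed for the demonstration.

```python
"""Added example (not from the Guidance Share page): why home-grown
cryptography and long-lived, reused keys fail.  The cipher is a
repeating-key XOR; key, messages and record format are constructed."""

from itertools import cycle


def xor_cipher(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR: the same function encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def recover_key_from_known_plaintext(ciphertext: bytes,
                                     known_prefix: bytes,
                                     key_len: int) -> bytes:
    """Known-plaintext attack: ciphertext XOR plaintext is the keystream,
    which for this cipher is simply the key repeated."""
    if len(known_prefix) < key_len:
        raise ValueError("need at least key_len bytes of known plaintext")
    return bytes(c ^ p for c, p in zip(ciphertext[:key_len],
                                       known_prefix[:key_len]))


def xor_of_plaintexts(ct1: bytes, ct2: bytes) -> bytes:
    """Key reuse: XORing two ciphertexts under the same key cancels the
    key and leaves m1 XOR m2, with no key material needed at all."""
    return bytes(a ^ b for a, b in zip(ct1, ct2))


def demo() -> dict:
    key = b"s3cr3tk3y!"                      # constructed "long-lived" key
    # Constructed messages; many real formats start with a fixed header.
    m1 = b"BEGIN_RECORD;user=alice;balance=1200"
    m2 = b"BEGIN_RECORD;user=bob;balance=75"
    c1 = xor_cipher(m1, key)
    c2 = xor_cipher(m2, key)

    # The attacker knows the header and guesses the key length (or tries
    # every plausible length; each try costs nothing).
    recovered = recover_key_from_known_plaintext(c1, b"BEGIN_RECORD;", len(key))
    # With the recovered key every message ever protected by it is readable.
    m2_decrypted = xor_cipher(c2, recovered)

    # Even without the key, reuse leaks m1 XOR m2; where m1 is known, m2
    # falls out directly (truncated to the shorter message).
    diff = xor_of_plaintexts(c1, c2)
    m2_from_reuse = bytes(d ^ p for d, p in zip(diff, m1))

    return {
        "recovered_key": recovered,
        "m2_decrypted": m2_decrypted,
        "m2_from_reuse": m2_from_reuse,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The fix is not a cleverer XOR: use a vetted authenticated cipher from a standard library, derive a fresh key or nonce per message, and rotate long-lived keys on a schedule so that a single recovered key does not expose every record ever written.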
Exception Management
- Failing to use structured exception handling
- Revealing too much information to the client
Input/Data Validation
- Non-validated input in the Hypertext Markup Language (HTML) output stream
- Non-validated input used to generate SQL queries
- Reliance on client-side validation
- Use of input file names, URLs, or user names for security decisions
- Application-only filters for malicious input
- Failing to validate all input parameters
- Sensitive data in unencrypted cookies
- Sensitive data in query strings and form fields
- Trusting HTTP header information
- Unprotected view state
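The first two items in the list above are the ones most often exploited, so here is an added example (not code from the Guidance Share page) showing each weakness next to its hardened form: a login check that concatenates input into SQL beside one that uses placeholders, and a greeting that echoes input into the HTML stream beside one that encodes at the output boundary. The table, rows and attack strings are constructed for the demonstration and the passwords are stored in clear only to keep the example short.

```python
"""Added example (not from the Guidance Share page): non-validated input
in a SQL query and in the HTML output stream, each beside its fix.
Uses an in-memory SQLite database with constructed rows."""

import html
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    # Clear-text passwords are used here only to keep the demo short;
    # real systems store salted hashes (see the Sensitive Data section).
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "correct-horse"), ("bob", "battery-staple")])
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, password: str) -> bool:
    # Input is concatenated straight into SQL, so the attacker controls
    # the query's structure, not just its values.
    query = (f"SELECT COUNT(*) FROM users WHERE name = '{name}' "
             f"AND password = '{password}'")
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn: sqlite3.Connection, name: str, password: str) -> bool:
    # Placeholders keep the input as data; it can never become SQL syntax.
    query = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(query, (name, password)).fetchone()[0] > 0


def greeting_vulnerable(name: str) -> str:
    # Input is echoed into the HTML stream unencoded.
    return f"<p>Welcome, {name}!</p>"


def greeting_encoded(name: str) -> str:
    # Encode for the HTML context at the point of output.
    return f"<p>Welcome, {html.escape(name, quote=True)}!</p>"


def demo() -> dict:
    conn = make_db()
    injected = "' OR '1'='1"                 # constructed injection string
    xss = "<script>alert(1)</script>"        # constructed script payload
    return {
        "vuln_bypass": login_vulnerable(conn, "alice", injected),
        "param_bypass": login_parameterized(conn, "alice", injected),
        "param_valid": login_parameterized(conn, "alice", "correct-horse"),
        "vuln_html": greeting_vulnerable(xss),
        "safe_html": greeting_encoded(xss),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

In the vulnerable login the password `' OR '1'='1` turns the WHERE clause into `name = 'alice' AND password = '' OR '1'='1'`, which is true for every row; the parameterized version compares the literal string and correctly rejects it. Note that the hardened forms do not depend on filtering "bad" characters, which is what the "application-only filters" item warns against: they change how the input is used, not what it contains.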
Sensitive Data
- Storing secrets when you do not need to
- Storing secrets in code
- Storing secrets in clear text
- Passing sensitive data in clear text over networks
Session Management
- Passing session identifiers over unencrypted channels
- Prolonged user session identifier lifetime
- Insecure session state stores
- Session identifiers in query strings
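Most of the items in this list, together with "Sensitive data in unencrypted cookies" under Input/Data Validation, can be checked mechanically at the HTTP boundary. The following is an added example, not code from the Guidance Share page: an audit of a Set-Cookie header that flags a session identifier sent without Secure (so it can cross an unencrypted channel), without HttpOnly, with an excessive lifetime, or too short to be unguessable; a check for a session identifier carried in a URL query string; and a cookie built to pass the audit. The 15-minute lifetime policy, the list of session cookie names and the sample headers and URLs are assumptions constructed for the demonstration.

```python
"""Added example (not from the Guidance Share page): auditing a
Set-Cookie header against the session-management weaknesses listed
above, beside a cookie that passes.  The lifetime policy, the session
cookie names and all sample headers and URLs are constructed."""

import secrets
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qs, urlsplit

MAX_SESSION_SECONDS = 15 * 60          # assumed policy: 15-minute lifetime
SESSION_NAMES = {"sessionid", "session", "jsessionid",     # assumed names
                 "phpsessid", "asp.net_sessionid"}


def parse_set_cookie(header: str) -> tuple:
    """Split 'name=value; Attr; Attr=val' into (name, value, attrs),
    with attribute names lower-cased."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        k, _, v = part.partition("=")
        attrs[k.strip().lower()] = v.strip()
    return name.strip(), value, attrs


def audit_session_cookie(header: str) -> list:
    """Return a list of findings for one Set-Cookie header (empty = ok)."""
    _, value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: identifier can travel over clear-text HTTP")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: identifier readable by script")
    if "samesite" not in attrs:
        findings.append("missing SameSite: identifier sent on cross-site requests")
    max_age = attrs.get("max-age")
    if max_age is not None:
        if not max_age.isdigit() or int(max_age) > MAX_SESSION_SECONDS:
            findings.append(f"Max-Age {max_age!r} exceeds policy of {MAX_SESSION_SECONDS}s")
    expires = attrs.get("expires")
    if expires:
        try:
            exp = parsedate_to_datetime(expires)
            if exp.tzinfo is None:
                exp = exp.replace(tzinfo=timezone.utc)
            lifetime = (exp - datetime.now(timezone.utc)).total_seconds()
            if lifetime > MAX_SESSION_SECONDS:
                findings.append(f"Expires lifetime {int(lifetime)}s exceeds policy")
        except (ValueError, TypeError):
            findings.append(f"unparseable Expires {expires!r}")
    if len(value) < 16:
        findings.append("identifier too short to be unguessable")
    return findings


def session_id_in_query_string(url: str) -> bool:
    """Flag a session identifier carried in the URL, where it ends up in
    logs, bookmarks, browser history and Referer headers."""
    params = parse_qs(urlsplit(url).query)
    return any(k.lower() in SESSION_NAMES for k in params)


def build_session_cookie(name: str = "sessionid") -> str:
    """A session cookie that passes the audit: random identifier from the
    OS CSPRNG, Secure, HttpOnly, SameSite and a short, explicit lifetime."""
    sid = secrets.token_urlsafe(32)            # 256 bits of entropy
    return (f"{name}={sid}; Path=/; Secure; HttpOnly; SameSite=Strict; "
            f"Max-Age={MAX_SESSION_SECONDS}")


if __name__ == "__main__":
    # Constructed sample header showing several weaknesses at once.
    weak = "ASP.NET_SessionId=ab12cd; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT"
    for finding in audit_session_cookie(weak):
        print("weak cookie:", finding)
    print("hardened cookie findings:", audit_session_cookie(build_session_cookie()))
    print("session id in URL:",
          session_id_in_query_string("https://app.example/cart?sessionid=ab12cd&item=7"))
```

The cookie attributes only bound what the browser does; the server must still expire the session state itself after the same interval and issue a fresh identifier on login, otherwise a captured identifier stays valid long after the cookie has gone.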