Vulnerability Index

From Guidance Share

Contents 1 Authentication 2 Authorization 3 Auditing and Logging 4 Configuration Management 5 Cryptography 6 Exception Management 7 Input /Data Validation 8 Sensitive Data 9 Session Management

Authentication

• Weak passwords.
• Clear text credentials in configuration files
• Passing clear text credentials over the network Attackers can monitor the network to steal authentication credentials and spoof identity.
• Over-privileged accounts
• Long authentication ticket sessions
• Mixing personalization with authentication Personalization data is suited to persistent cookies.

Authorization

• Reliance on a single gatekeeper
• Failing to lock down system resources against application identities
• Failing to limit database access to specified stored procedures
• Inadequate separation of privileges.

Auditing and Logging

• Failing to audit failed logons
• Failing to secure audit files
• Failing to audit across application tiers

Configuration Management

• Insecure administration interfaces
• Insecure configuration stores
• Clear text configuration data.
• Too many administrators
• Over-privileged process accounts and service accounts

Cryptography

• Using custom cryptography
• Using the wrong algorithm or too small a key size
• Failing to secure encryption keys
• Using the same key for a prolonged period of time

Exception Management

• Failing to use structured exception handling
• Revealing too much information to the client

Input /Data Validation

• Non-validated input in the Hypertext Markup Language (HTML) output stream
• Non-validated input used to generate SQL queries
• Reliance on client-side validation
• Use of input file names, URLs, or user names for security decisions
• Application-only filters for malicious input

• Failing to validate all input parameters
• Sensitive data in unencrypted cookies
• Sensitive data in query strings and form fields
• Trusting HTTP header information
• Unprotected view state.

Sensitive Data

• Storing secrets when you do not need to.
• Storing secrets in code
• Storing secrets in clear text
• Passing sensitive data in clear text over networks.

Session Management

• Passing session identifiers over unencrypted channels
• Prolonged user session identifier lifetime
• Insecure session state stores
• Session identifiers in query strings