Knowledge Base - Issues

Our knowledge-base provides a comprehensive collection of information on vulnerabilities related to cyber security.
Cleartext submission of password is a vulnerability that occurs when a password is transmitted in a non-encrypted form during authentication processes over an open network like the internet. Unencrypted data can be easily intercepted by malicious actors and used to gain access to systems and resources. According to the OWASP...

Cookie Variable Exposed

Cookie Variable Exposed is a type of vulnerability commonly found in web and API applications. It occurs when data stored in a cookie is made available to an unauthorized user, allowing them to gain access to the application or system. This vulnerability is classified as an Authentication vulnerability in the...
Credit card numbers disclosed is an authentication vulnerability (CWE-522) where credit card numbers, expiration dates, and CVV numbers are exposed during authentication. This vulnerability is commonly found in web applications and APIs (OWASP Testing Guide, V3.0). This type of vulnerability can be exploited with malicious intent, such as stealing credit...
Cross-domain script include is a type of authentication vulnerability that occurs when a web application allows malicious scripts to be included from a different domain. This type of vulnerability can allow attackers to bypass access controls, such as the same-origin policy, allowing them to access sensitive data from the victim’s...
Deauthentication DoS Attack is a type of attack in which an attacker sends deauthentication frames to the wireless access point or wireless client, thereby disabling the wireless connection and preventing the client from reconnecting to the access point. This attack is also known as “Deauth Attack”, “Deauthentication Flood”, or “Deauth...

Expired Certificate

Expired Certificate is an authentication vulnerability classified as CWE-284 and listed as A6 in the OWASP Testing Guide. It is a type of vulnerability that affects infrastructure, specifically SSL/TLS encryption. When an SSL certificate expires, it can no longer be used to authenticate the connection between two parties, resulting in...

Improper Access Control

Improper Access Control ([CWE-284](https://cwe.mitre.org/data/definitions/284.html)) is an IT vulnerability that enables an individual to gain access to unauthorized information or resources. This vulnerability is categorized under Authentication and can be found in Web applications and APIs. The [OWASP Web Security Testing Guide (WSTG)](https://owasp.org/www-project-web-security-testing-guide/latest/) outlines a number of tests that can be...
Insecure Direct Object References is a type of authentication vulnerability that occurs when a web application or API provides direct access to objects based on user-supplied input. According to the OWASP Testing Guide, an Insecure Direct Object Reference can occur when an application uses an “unvalidated parameter, such as a...
Insufficient Attack Protection refers to a vulnerability that occurs when a security system or mechanism is unable to adequately protect itself against various types of attacks. CAPTCHA is often used as a security measure to prevent automated bots from abusing online services or accessing sensitive information. However, an inadequately protected...
Logout does not invalidate session token is a vulnerability in authentication security systems of Web and API applications. It occurs when a website does not properly invalidate the token issued to a user upon logging out. This vulnerability is classified as CWE-613 and is described in the OWASP Testing Guide....
MAC Spoofing of Device with known PSK is a type of authentication vulnerability (CWE-287) that occurs in infrastructure. It is a type of attack in which the attacker changes the MAC address of the device with a known pre-shared key (PSK) in order to gain access to the network. This...
Missing Certificate Pinning is an authentication vulnerability (CWE-295) that occurs when an application fails to verify a given certificate against its trusted peers, allowing a malicious certificate to be used as authentication. This type of vulnerability is often found in infrastructure applications, such as web browsers and mobile applications, as...
Multi-Factor Authentication (MFA) is a security mechanism that adds an extra layer of protection to user accounts by requiring multiple forms of verification before granting access. This typically includes a combination of something the user knows (e.g., a password), something the user has (e.g., a smartphone or hardware token), and...

No Lockout Information

No lockout information is an authentication vulnerability, identified as CWE-307 in the Common Weakness Enumeration, that occurs when a system does not track failed login attempts as part of authentication. This vulnerability can result in an attacker being able to guess passwords without ever being locked out. According...
No Multi-factor authentication is a vulnerability in authentication protocols that allows an attacker to gain access to systems or applications using only a single set of credentials. This vulnerability can be found in Infrastructure, Mobile App and Web and API. According to the OWASP Testing Guide, this vulnerability is best...

No Usage Limits

No usage limits is an authentication vulnerability that occurs when authentication mechanisms do not enforce a limit on the number of failed attempts before locking a user account (CWE-532). This vulnerability can be found in web and API applications and can result in unauthorized access. According to the OWASP Testing...
**NTLMv1** (_NT LAN Manager version 1_) and **LM** (_LAN Manager_) authentication are legacy authentication protocols used in older Windows operating systems for verifying the identity of users trying to access network resources. These authentication protocols have significant security vulnerabilities, and their use is strongly discouraged in modern environments. ## Risk - Weak...
Old Password for krbtgt Account is a type of IT vulnerability that falls under the category of Authentication. This vulnerability occurs when the krbtgt account password is not changed regularly, thereby allowing attackers to gain access to the domain controller, and possibly other sensitive areas of the IT infrastructure. As...
The function for changing one's own user account password does not require entering the existing password of that account. ## Risk A password change function that does not require entering the old password introduces several security risks and vulnerabilities. - **Unauthorized password changes**: Without verifying the old password, an attacker may be...
Password submitted using GET Method is a vulnerability in authentication systems, where passwords are being sent using the GET request. This vulnerability is also known as CWE-521 and was identified in the OWASP Testing Guide in section 4.2.2.1 (Sensitive Data Exposure). This vulnerability can occur when an application does not...
Password value set in cookie is an authentication vulnerability that occurs when a web application stores the user's password as a cookie on the user's device, which can be accessed by malicious actors. The Common Weakness Enumeration (CWE) directory classifies this vulnerability as CWE-315, which is defined as “Cleartext Storage...

Predictable Session Token

A predictable session token vulnerability occurs when a web application issues session tokens that follow a discernible pattern or sequence. Session tokens are intended to uniquely identify a user's session and should be random and unpredictable to prevent unauthorized access. If an attacker can predict or determine the session tokens,...

Request URL Override

Request URL override is an authentication vulnerability (CWE-287) in Web and API applications. It occurs when a server is not properly validating URLs, and allows an attacker to bypass authentication and gain access to restricted resources. This vulnerability is explained in the OWASP Testing Guide, in the chapter on authentication...
Silverlight cross-domain policy is an authentication vulnerability that exists in web and API applications utilizing Silverlight (Microsoft's Rich Internet Application platform) and is classified under CWE-287 (Improper Authentication). This vulnerability results from Silverlight not properly validating the origin of cross-domain requests, allowing malicious domain owners to bypass the intended security...

SMB Signing Not Required

SMB Signing not required is a type of authentication vulnerability that occurs in IT infrastructure. It occurs when an organization fails to require SMB Signing, which is a security feature that digitally signs SMB packets. This vulnerability can be exploited by attackers who can use malicious packets to gain access...

SMBv1 Usage

The vulnerability involves the usage of the Server Message Block version 1 (SMBv1) protocol on a Domain Controller, which serves as a central authentication and authorization server in a Windows-based network. SMBv1 is an outdated and insecure protocol that has known security weaknesses and has been deprecated by Microsoft due...
Spoofable client IP address is an authentication vulnerability (CWE-287) that occurs in infrastructure. This vulnerability occurs when an attacker is able to spoof their IP address, in order to bypass authentication. This is often done by impersonating the IP address of a trusted source, to gain access to systems or...
The application concerned can be used to find out whether user accounts (e-mail addresses) exist in the system. This is done by a so-called time-based user enumeration. Depending on whether a user exists or not, the request to the endpoint takes different lengths of time. In order to reduce the...