Knowledge Base - Issues

Our knowledge-base provides a comprehensive collection of information on vulnerabilities related to cyber security.

/ Denial of Service

Denial of Service (DoS) is a type of IT vulnerability that is classified under Availability in the Common Weakness Enumeration (CWE) directory. DoS occurs when a malicious actor intentionally floods a network or system with an overwhelming amount of traffic, requests, or connections. This can cause the system to become...

/ No locking mechanism

The API interface concerned does not implement a locking mechanism. During authentication, any number of logon data can be tried without locking the user account. ## Risk An attacker can perform a brute force attack without locking user accounts. This allows an attacker to obtain valid credentials. ## Solution The most common protection against...

/ rDOS

reDOS (Regular Expression Denial of Service) is a type of vulnerability that occurs when an attacker supplies a malicious input string to a system that uses regular expressions for pattern matching. The regular expression is crafted in such a way that it causes the pattern matching engine to enter into...
The SNMP (Simple Network Management Protocol) 'GETBULK' Reflection DDoS (Distributed Denial of Service) is a specific type of DDoS attack that leverages the SNMP protocol's 'GETBULK' request functionality. In this attack, the attacker spoofs the source IP address of their request to appear as the victim's IP address and sends...
Unreachable resources included is a type of Availability vulnerability that occurs in web and API applications, according to the CWE directory. This vulnerability occurs when an application includes resources such as files, directories or other system components that are inaccessible to the application, either due to incorrect configuration or incorrect...

/ XML Entity Expansion

XML Entity Expansion (CWE-611) is a form of attack that involves an attacker sending malicious XML input to an XML parser, which then causes the parser to consume an excessive amount of resources (CPU, memory, etc.). This can result in a denial of service (DoS) attack, which can disrupt the...
Showing entries 1 to 6 of 6 entries.