This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Top 10 2013-A5-Security Misconfiguration"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
= TEMPORARY PLACEHOLDER for 2013 T10 =
 
 
{{Top_10_2013:TopTemplate
 
{{Top_10_2013:TopTemplate
 
     |usenext=2013NextLink
 
     |usenext=2013NextLink
Line 11: Line 10:
 
}}
 
}}
  
{{Top_10:SummaryTableValues
+
{{Top_10_2010:SummaryTableHeaderBeginTemplate}}
    |DIFFICULT|#FFFF00
+
{{Top_10_2010:SummaryTableValue-1-Template|Exploitability|EASY}}
    |UNCOMMON|#FFFF00
+
{{Top_10_2010:SummaryTableValue-2-Template|Prevalence|COMMON}}
    |AVERAGE|#FFC000
+
{{Top_10_2010:SummaryTableValue-1-Template|Detectability|EASY}}
    |SEVERE|#FF0000
+
{{Top_10_2010:SummaryTableValue-2-Template|Impact|MODERATE}}
    |year=2013
+
{{Top_10_2010:SummaryTableHeaderEndTemplate}}
}}
 
  
 
{{Top_10_2010:SummaryTableHeaderEndTemplate}}
 
{{Top_10_2010:SummaryTableHeaderEndTemplate}}

Revision as of 16:18, 17 February 2013

NOTE: THIS IS NOT THE LATEST VERSION. Please visit the OWASP Top 10 project page to find the latest edition.

[[Top 10 {{{year}}}-Insecure Direct Object References|← Insecure Direct Object References]]
[[Top 10 {{{year}}}-Table of Contents | {{{year}}} Table of Contents]]

[[Top_10_{{{year}}}-Top 10|{{{year}}} Top 10 List]]

[[Top 10 {{{year}}}-Sensitive Data Exposure|Sensitive Data Exposure →]]
Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts
Application Specific Exploitability
EASY
Prevalence
COMMON
Detectability
EASY
Impact
MODERATE
Application / Business Specific
Application / Business Specific
blank. blank blank blank blank
Am I Vulnerable To 'Security Misconfiguration'?

blank

How Do I Prevent 'Security Misconfiguration'?

blank

  1. blankBullet1
  2. blankBullet2
Example Attack Scenarios

blank

blank code

blank

http://example.com/app/accountView?id=' or '1'='1

blank

References

OWASP

External

[[Top 10 {{{year}}}-Insecure Direct Object References|← Insecure Direct Object References]]
[[Top 10 {{{year}}}-Table of Contents | {{{year}}} Table of Contents]]

[[Top_10_{{{year}}}-Top 10|{{{year}}} Top 10 List]]

[[Top 10 {{{year}}}-Sensitive Data Exposure|Sensitive Data Exposure →]]

© 2002-2013 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png
[[Category:OWASP Top Ten {{{year}}} Project]]