Security Misconfiguration

Misconfigured systems can expose vulnerabilities, especially in cloud services and applications.

Examples:

  • Cloud Misconfigurations: Poorly set permissions on services like S3 buckets.

  • Unnecessary Features: Leaving unused services, pages, accounts, or privileges active.

  • Default Credentials: Using default accounts with unchanged passwords.

  • Verbose Error Messages: Providing attackers with system details through detailed error outputs.

PreviousBroken Access ControlNextIdentification and Authentication Failures

Last updated