Origin Validation Error

Property
Language: php
Severity: low
CWE: CWE-346: Origin Validation Error
OWASP: A07:2021 - Identification and Authentication Failures
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

The code sets the ‘Access-Control-Allow-Origin’ header to ‘*’, allowing any website to make requests to your application’s resources. This disables browser-based CORS protections and exposes your API or site to requests from any origin.

Impact

Attackers could exploit this to make unauthorized cross-origin requests, potentially stealing sensitive data or performing actions as logged-in users. This weakens origin-based access controls and increases the risk of data leaks or misuse of your application’s APIs.

Origin Validation Error

Property
Language: php
Severity: low
CWE: CWE-346: Origin Validation Error
OWASP: A07:2021 - Identification and Authentication Failures
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

The Access-Control-Allow-Origin response header is set to “*”. This disables the Same Origin Policy restrictions that CORS would otherwise enforce.

OS Command Injection

Property
Language: ocaml
Severity: medium
CWE: CWE-78: OS Command Injection
Confidence Level: Low
Impact Level: High
Likelihood Level: Medium

Description

Executing external commands using functions like Unix.execve, Unix.system, or Sys.command with untrusted or unsanitized input can allow attackers to run arbitrary system commands. This happens when user input is passed directly to these functions without strict validation.

Impact

If exploited, an attacker could execute malicious commands on the server, compromise sensitive data, alter system files, or gain unauthorized access. This can lead to full system compromise, data breaches, or disruption of service.

OS Login should be enabled at project level

Property
Language: terraform
Severity: medium
Service: compute
Provider: Google
Vulnerability Type: omission

Description

OS Login is not enabled at the project level in Google Compute, meaning SSH access is managed through static SSH keys rather than being tied to IAM identities. This configuration prevents automatic revocation of SSH keys when IAM user access is removed.

Impact

If exploited, former IAM users may retain unauthorized SSH access to compute instances even after their permissions are revoked, increasing the risk of unauthorized system access and potential data breaches.

Out-of-bounds Read

Property
Language: csharp
Severity: low
CWE: CWE-125: Out-of-bounds Read
OWASP: A04:2021 - Insecure Design
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

Using MemoryMarshal.CreateSpan or CreateReadOnlySpan with an unchecked length can lead to reading outside the bounds of the underlying data. This happens because these methods do not verify that the specified length is valid.

Impact

If exploited, this can cause your application to access unintended memory, potentially exposing sensitive data or causing crashes. Attackers might leverage this to leak information or destabilize your system, leading to security breaches or reliability issues.

Out-of-bounds Write

Property
Language: solidity
Severity: high
CWE: CWE-787: Out-of-bounds Write
Confidence Level: High
Impact Level: High
Likelihood Level: Medium

Description

Declaring new state variables in a proxy contract can accidentally overwrite storage slots used by the implementation contract. This storage collision can corrupt contract data and break functionality.

Impact

An attacker could exploit this to manipulate or destroy critical contract state, potentially gaining unauthorized control, causing loss of funds, or rendering the contract unusable. This can lead to severe security breaches and undermine trust in the smart contract system.

Password authentication should be disabled on Azure virtual machines

Property
Language: terraform
Severity: high
Service: compute
Provider: Azure
Vulnerability Type: omission

Description

The virtual machine is configured to allow password-based authentication, which relies on user-supplied passwords instead of more secure SSH key authentication. This increases the risk of unauthorized access due to weak, reused, or leaked passwords.

Impact

If exploited, attackers could compromise the server via brute-force or credential stuffing attacks, potentially gaining full control over the VM. This can lead to data breaches, service disruption, or use of the VM for malicious activity within the organization’s Azure environment.

Path Traversal

Property
Language: ocaml
Severity: medium
CWE: CWE-35: Path Traversal
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Medium

Description

Using Filename.concat with data from users or external sources can allow attackers to craft file paths that access files or directories outside the intended location. This makes the application vulnerable to directory traversal attacks.

Impact

If exploited, an attacker could read, modify, or overwrite sensitive files on the server by manipulating file paths. This could lead to data breaches, unauthorized access, or disruption of critical application functionality.

Performance Insights encryption should use Customer Managed Keys

Property
Language: terraform
Severity: low
Service: rds
Provider: AWS

Description

Performance Insights data for RDS instances is encrypted using AWS-managed keys instead of customer-managed KMS keys, limiting control over key management and access policies. This configuration does not allow for customized permissions or full lifecycle control of encryption keys.

Impact

Without customer-managed keys, there is reduced control over who can access or rotate encryption keys and how encryption policies are enforced. This may increase the risk of unauthorized data access or hinder compliance with organizational or regulatory requirements for data protection.