Relative Path Traversal

Property
Language: java
Severity: high
CWE: CWE-23: Relative Path Traversal
OWASP: A01:2021 - Broken Access Control
Confidence Level: High
Impact Level: High
Likelihood Level: Medium

Description

User input is being used directly to construct file paths without validation or sanitization. This allows attackers to manipulate the path, potentially accessing files outside intended directories (e.g., using ‘../’).

Impact

If exploited, an attacker could read, overwrite, or delete sensitive files on the server by navigating the filesystem, leading to data breaches, application compromise, or denial of service. This can expose confidential information or disrupt business operations.

Reliance on Insufficiently Trustworthy Component

Property
Language: yaml
Severity: medium
CWE: CWE-1357: Reliance on Insufficiently Trustworthy Component
OWASP: A06:2021 - Vulnerable and Outdated Components
Confidence Level: High
Impact Level: Low
Likelihood Level: Low

Description

A GitHub Action from a third-party repository is referenced without being pinned to a specific commit SHA. This means the action could change unexpectedly if the repository is updated or compromised.

Impact

If the referenced action is modified by its author or a bad actor, your workflow could automatically run untrusted or malicious code. This can lead to leaks of secrets, unauthorized access, or compromise of your CI/CD pipeline and related infrastructure.

Reliance on Untrusted Inputs in a Security Decision

Property
Language: rust
Severity: medium
CWE: CWE-807: Reliance on Untrusted Inputs in a Security Decision
Confidence Level: High
Impact Level: Low
Likelihood Level: Low

Description

Using std::env::temp_dir() for security-sensitive operations is unsafe because the system’s temporary directory is shared across users and processes. Files created here can be guessed or accessed by attackers if they’re not uniquely and securely named.

Impact

If exploited, attackers could read, modify, or replace temporary files used for sensitive operations, leading to data leaks, privilege escalation, or interference with application behavior. This can compromise user data or system integrity, especially if predictable file names are used.

Reliance on Untrusted Inputs in a Security Decision

Property
Language: rust
Severity: medium
CWE: CWE-807: Reliance on Untrusted Inputs in a Security Decision
Confidence Level: High
Impact Level: Low
Likelihood Level: Low

Description

Using std::env::args() for security-related decisions is unsafe because command-line arguments can be easily manipulated by users and are not guaranteed to reflect the true executable path or intent. Relying on these values for authentication, authorization, or other security checks can introduce vulnerabilities.

Impact

If an attacker can control or spoof command-line arguments, they might bypass security checks, gain unauthorized access, or cause the application to behave unexpectedly. This could lead to privilege escalation or unauthorized actions within the system.

Reliance on Untrusted Inputs in a Security Decision

Property
Language: rust
Severity: medium
CWE: CWE-807: Reliance on Untrusted Inputs in a Security Decision
Confidence Level: High
Impact Level: Low
Likelihood Level: Low

Description

Relying on std::env::args_os() for security decisions is unsafe because command-line arguments can be modified or spoofed by users. The first argument, often assumed to be the executable path, can contain arbitrary content and should not be trusted.

Impact

If your application uses args_os for authentication, authorization, or other security checks, attackers could manipulate process arguments to bypass protections or mislead the application, potentially leading to unauthorized access or incorrect behavior.

Reliance on Untrusted Inputs in a Security Decision

Property
Language: rust
Severity: medium
CWE: CWE-807: Reliance on Untrusted Inputs in a Security Decision
Confidence Level: High
Impact Level: Low
Likelihood Level: Low

Description

Using std::env::current_exe() for security decisions is unsafe because its output can be manipulated by users. This means the path it returns should not be trusted for authentication, authorization, or other sensitive checks.

Impact

If an attacker can control or spoof the value returned by current_exe(), they could bypass security checks or trick the application into unsafe behavior. This could lead to unauthorized access or execution of malicious code under certain conditions.

Require Cmk Disabled Alarm

Property
Language: terraform
Severity: low
Service: cloudwatch
Provider: AWS

Description

You can do real-time monitoring of API calls by directing CloudTrail logs to CloudWatch Logs and establishing corresponding metric filters and alarms.

CIS recommends that you create a metric filter and alarm for customer managed keys that have changed state to disabled or scheduled deletion. Data encrypted with disabled or deleted keys is no longer accessible.

Resolution

Create an alarm to alert on CMKs being disabled or scheduled for deletion.

Require Vpc Flow Logs For All Vpcs

Property
Language: terraform
Severity: medium
Service: ec2
Provider: AWS
Vulnerability Type: omission

Description

VPCs are missing Flow Logs, which means information about network traffic—including rejected connection attempts—is not being captured or stored. This lack of logging reduces visibility into network activity within the VPC.

Impact

Without VPC Flow Logs, it becomes difficult to detect suspicious traffic, investigate security incidents, or identify unauthorized access attempts. This can delay incident response and increase the risk of undetected breaches or policy violations.

Resource Management Errors (4.12)

Property
Language: ocaml
Severity: low
CWE: CWE-399: Resource Management Errors (4.12)
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Creating a Hashtbl without enabling randomization makes it vulnerable to predictable hash collisions. This can allow attackers to intentionally create many keys that hash to the same value, slowing down table operations.

Impact

If exploited, an attacker could degrade application performance or cause a denial of service by overloading the hash table, leading to slow responses or unavailability. This can affect the reliability and responsiveness of your service.

resource quota usage

Property
Language: terraform
Severity: low

Description

The configuration is missing a ResourceQuota policy that enforces memory and CPU limits within each Kubernetes namespace, allowing resources to be consumed without restriction. This absence fails to control aggregate resource usage across workloads.

Impact

Without enforced resource quotas, a single workload or user could consume excessive memory or CPU within a namespace, potentially leading to service degradation, denial of service, or disruption of other applications running in the same cluster.