1.8 Vulnerability impact Flashcards
race conditions
The behavior of a software, electronic, or other system's output is dependent on the timing, sequence of events, or a factor outside the user's control
End of life systems
No longer receives updates and is at a high risk of compromise
Embedded systems
Programs added for automation and/or monitoring. They can allow malicious programs to gain access through the added programs
lack of vendor support
The vendor does not support the product: it does not update, improve, or protect the product
Improper input handling
The system does not properly validate data, which allows an attacker to create an input that is not expected. This leaves parts of the system vulnerable to unintended data.
Improper error handling
The error message displays sensitive or private information that gives the user too much data
Default configuration
Uses insecure out-of-the-box settings
Resource exhaustion
A denial of service occurs: the resources needed to execute an action are expended, so the action cannot be performed
Untrained Users
Users are not properly informed on how to use the systems. This means mistakes will more than likely occur and that the system’s resources may be abused
Improperly configured accounts
Users should only be able to access the parts that they need to complete their work
Vulnerable business processes
All tasks, procedures and functions should be properly assessed and the most valuable and vulnerable should be heavily protected
Weak cipher suites and integration
Use of older and less robust cryptographic algorithms, e.g. DES, WEP
memory leak
Leaves the system unresponsive
Integer overflow
A large integer exceeds data storage capacity
buffer overflow
Too much data for the computer's memory to buffer