Home > cards > CJ

CORNUCOPIA (CJ)

Roman can exploit the application because it was compiled using out-of-date tools, or its configuration is not secure by default, or security information was not documented and passed on to operational teams

CORNUCOPIA

OWASP SCP

90,137,148,151,152,153,154,175,176,177,178,179,186,192

OWASP ASVS

1.14.3,14.1.1,14.1.2,14.1.3,14.1.4,14.1.5,14.2.1

OWASP AppSensor

CAPEC

SAFECODE

CORNUCOPIA

OWASP SCP

90,137,148,151,152,153,154,175,176,177,178,179,186,192

OWASP ASVS

1.14.3,14.1.1,14.1.2,14.1.3,14.1.4,14.1.5,14.2.1

OWASP AppSensor

CAPEC

SAFECODE

How to play?

NB: The key concept for this card is secure deployment.

Mappings

OWASP ASVS (4.0): 1.14.3 ,14.1.1 ,14.1.2 ,14.1.3 ,14.1.4 ,14.1.5 ,14.2.1

Capec:

OWASP SCP: 90,137,148,151,152,153,154,175,176,177,178,179,186,192

OWASP Appsensor:

Safecode: 4

ASVS (4.0) Cheatsheetseries Index

ASVS V1.14 - Configuration Architectural Requirements

ASVS V14.1 - Build

ASVS V14.2 - Dependency

No suitable mappings were found.

Attacks

Command Injection

Social engineering attack

Session Hijacking (Man-in-the-Middle)

View source on GitHub