OWASP Periodic Table of Vulnerabilities - Server Misconfiguration

From OWASP
Revision as of 16:44, 22 July 2013 by James Landis (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Return to Periodic Table Working View

Contents

Server Misconfiguration

Root Cause Summary

Platform technologies (web servers, application servers, operating systems) are configured insecurely.

Browser / Standards Solution

None

Perimeter Solution

Ensure proper application settings are deployed in configuration file/s. Provide secure default settings. Run all server software using low-privilege user accounts.

Generic Framework Solution

None

Custom Framework Solution

None

Custom Code Solution

None

Discussion / Controversy

None

References

Top 10 2013-A5-Security Misconfiguration
Server Misconfiguration (WASC)
Configuration (CWE)