Top 10 2010-Details About Risk Factors

From OWASP
Revision as of 10:26, 20 April 2010 by Neil Smithline (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
««««
Top 10 Introduction
Top 10 Risks
»»»»
RISK Threat Agents Attack Vectors Security Weakness Technical Impact Business Impacts
A1-Injection Exploitability
EASY
Prevalence
COMMON
Detectability
AVERAGE
Impact
SEVERE
A2-XSS Exploitability
AVERAGE
Prevalence
VERY WIDESPREAD
Detectability
EASY
Impact
MODERATE
A3-Authentication Exploitability
AVERAGE
Prevalence
COMMON
Detectability
AVERAGE
Impact
SEVERE
A4-DOR Exploitability
EASY
Prevalence
COMMON
Detectability
EASY
Impact
MODERATE
A5-CSRF Exploitability
AVERAGE
Prevalence
WIDESPREAD
Detectability
EASY
Impact
MODERATE
A6-Config Exploitability
EASY
Prevalence
COMMON
Detectability
EASY
Impact
MODERATE
A7-Crypto Exploitability
DIFFICULT
Prevalence
UNCOMMON
Detectability
DIFFICULT
Impact
SEVERE
A8-URL Access Exploitability
EASY
Prevalence
UNCOMMON
Detectability
AVERAGE
Impact
MODERATE
A9-Transport Exploitability
DIFFICULT
Prevalence
COMMON
Detectability
EASY
Impact
MODERATE
A10-Redirects Exploitability
AVERAGE
Prevalence
UNCOMMON
Detectability
EASY
Impact
MODERATE

Am I Vulnerable to Injection?

How Do I Prevent Injection?

Example Attack Scenarios

References

OWASP External


««««
Top 10 Introduction
Top 10 Risks
»»»»

© 2002-2010 OWASP Foundation This document is licensed under the Creative Commons Attribution-ShareAlike 3.0 license. Some rights reserved. CC-by-sa-3 0-88x31.png