Tag: access-control
Privilege escalation happens when a malicious user gains elevated access to resources that should be unavailable to them.
Unauthenticated LDAP requests can allow untrusted access to LDAP servers.
Weak file permissions can lead to privilege escalation.
Your code doesn't sufficiently authenticate identities provided by its users.
Lack of validation of a security certificate can lead to host impersonation and sensitive data leaks.
Logging unencrypted AWS credentials can expose them to an attacker.
Failing to set the AuthenticateOnUnsubscribe
flag to True
when confirming an SNS subscription can lead to unauthenticated cancellations.
Credentials that are stored in clear text can be intercepted by a malicious actor.