New top 10 series about network connection vulnerabilities

OWASP / Top10

Official OWASP Top 10 Document Repository

Other

4.32k stars 834 forks source link

New top 10 series about network connection vulnerabilities #479

Open spotlesscoder opened 5 years ago

spotlesscoder commented 5 years ago

I noticed that OWASP recently released domain specific TOP 10 lists, for example the Top 10 IoT Vulnerabilities list.

I googled but didn't find something specific for networking connections.

Some common vulnerabilities I can think of are:

Missing end-to-end encryption
VPN leakage
Insecure Layer2/3 switch configuration

etc. etc. A top 10 list about networking would be great.

KiranKhanna721 commented 3 years ago

Here are the list of top 10 for networking A1. Injection A2. Broken Authentication A3. Sensitive Data Exposure A4. XML External Entities (XXE) A5. Broken Access Control A6. Security Misconfiguration A7. Cross-Site Scripting (XSS) A8. Insecure Deserialization A9. Using Components with Known Vulnerabilities A10. Insufficient Logging and Monitoring