OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
https://mas.owasp.org/
Creative Commons Attribution Share Alike 4.0 International

Add Additional CWE mappings to MASWE #2858

Open cpholguera opened 3 months ago

cpholguera commented 3 months ago

MASWE supports CWE mappings already:

https://github.com/search?q=repo%3AOWASP%2Fowasp-mastg%20%22cwe%3A%22&type=code

For example, in MASWE-0041:

```yaml
mappings:
  masvs-v1: [MSTG-AUTH-1]
  masvs-v2: [MASVS-AUTH-2]
  cwe: [603, 307, 287]
```

Review the suggestions below and add the remaining missing mappings to the rest of the MASWE.

Discussed in https://github.com/OWASP/owasp-mastg/discussions/2857

Originally posted by **poffo-mobisec** August 2, 2024

I love the introduction of Weaknesses in mobile security. It was missing and it is brilliant. But let's go straight to the point. Nowadays most enterprises have standardized systems and work with CWE. Have you considered relating each MASWE to a CWE, to ease the risk management and company integration? I think this could give a lot of extra value to the project, allowing MASWE to be very specific on mobile weaknesses but at the same time bring compatibility with today's market.

THE FOLLOWING CONTENT IS AI-GENERATED, so this work would absolutely need a check, but it gives the idea of the result:

| MASWE ID | MASWE Title | Relevant CWE ID | CWE Title |
|----------|-------------|-----------------|-----------|
| MASWE-0001 | Insertion of Sensitive Data into Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0002 | Sensitive Data Stored With Insufficient Access Restrictions | CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| MASWE-0003 | Sensitive Data Remains in App Backups | CWE-212 | Improper Cross-boundary Removal of Sensitive Data |
| MASWE-0004 | Unencrypted Sensitive Data Stored in Non-Volatile Memory | CWE-311 | Missing Encryption of Sensitive Data |
| MASWE-0005 | Insecure Data Storage in Shared Preferences | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0006 | Insecure Data Storage in SQL Databases | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0007 | Insecure Data Storage in External Storage | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0008 | Insecure Data Storage in Cloud Services | CWE-256 | Unprotected Storage of Credentials |
| MASWE-0009 | Insecure Data Storage in Cache | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0010 | Insecure Data Storage in Clipboard | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0011 | Sensitive Data in Application Memory | CWE-226 | Sensitive Information in Data Storage Element |
| MASWE-0012 | Sensitive Data in System Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0013 | Sensitive Data in Browser Cache | CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| MASWE-0014 | Sensitive Data in WebView | CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| MASWE-0015 | Sensitive Data in URL | CWE-598 | Use of GET Request Method with Sensitive Query Strings |
| MASWE-0016 | Lack of Data Protection During Transmission | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0017 | Insecure Use of Cryptography | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| MASWE-0018 | Insecure Random Number Generation | CWE-338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
| MASWE-0019 | Missing Integrity Checks on Sensitive Data | CWE-354 | Improper Validation of Integrity Check Value |
| MASWE-0020 | Missing Confidentiality Protections | CWE-311 | Missing Encryption of Sensitive Data |
| MASWE-0021 | Sensitive Data in Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0022 | Missing Security Controls for Sensitive Data | CWE-284 | Improper Access Control |
| MASWE-0023 | Insecure Use of Hashing | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| MASWE-0024 | Unsecured External Communication | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0025 | Insecure Data Storage in Memory | CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| MASWE-0026 | Sensitive Data in Third-Party Services | CWE-295 | Improper Certificate Validation |
| MASWE-0027 | Insecure Data Transmission Using SMS | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0028 | Sensitive Data in Keyboard Cache | CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| MASWE-0029 | Insecure Data Storage in Keychain | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0030 | Insecure Data Storage in Shared Directory | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0031 | Insecure Data Storage in Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0032 | Insecure Data Storage in Debugging Information | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0033 | Insecure Data Storage in Crash Reports | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0034 | Insecure Data Storage in System Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0035 | Insecure Data Storage in Third-Party Components | CWE-295 | Improper Certificate Validation |
| MASWE-0036 | Insecure Data Storage in Cloud Storage | CWE-256 | Unprotected Storage of Credentials |
| MASWE-0037 | Insecure Data Storage in App Sandboxes | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0038 | Insecure Data Storage in Cookie Storage | CWE-315 | Cleartext Storage of Sensitive Information in a Cookie |
| MASWE-0039 | Insecure Data Storage in Web Storage | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0040 | Insecure Data Storage in IndexedDB | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0041 | Insecure Data Storage in LocalStorage | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0042 | Insecure Data Storage in SessionStorage | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0043 | Insecure Data Storage in FileSystem API | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0044 | Insecure Data Storage in App Bundle | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0045 | Insecure Data Storage in Application Data | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0046 | Insecure Data Storage in Application Code | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0047 | Insecure Data Storage in System Services | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0048 | Insecure Data Storage in App Configuration | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0049 | Insecure Data Storage in Environment Variables | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0050 | Insecure Data Storage in Shared Objects | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0051 | Insecure Data Storage in Shared Libraries | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0052 | Insecure Data Storage in Shared Components | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0053 | Insecure Data Storage in Shared Resources | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0054 | Insecure Data Storage in Shared Applications | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0055 | Insecure Data Storage in Shared Files | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0056 | Insecure Data Storage in Shared Devices | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0057 | Insecure Data Storage in Shared Network Storage | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0058 | Insecure Data Storage in Shared Infrastructure | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0059 | Insecure Data Storage in Shared Services | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0060 | Insecure Data Storage in Shared Platforms | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0061 | Insecure Data Storage in Shared Cloud Services | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0062 | Insecure Data Storage in Shared Virtualization Platforms | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0063 | Insecure Data Storage in Shared Containers | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0064 | Insecure Data Storage in Shared Hosts | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0065 | Insecure Data Storage in Shared Hypervisors | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0066 | Insecure Data Storage in Shared Orchestration | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0067 | Insecure Data Storage in Shared Configuration Management | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0068 | Insecure Data Storage in Shared DevOps Pipelines | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0069 | Insecure Data Storage in Shared CI/CD Tools | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0070 | Insecure Data Storage in Shared Testing Environments | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0071 | Insecure Data Storage in Shared Monitoring Tools | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0072 | Insecure Data Storage in Shared Logging Services | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0073 | Insecure Data Storage in Shared Security Tools | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0074 | Insecure Data Storage in Shared Automation Tools | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0075 | Insecure Data Storage in Shared Resource Management Tools | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0076 | Dependencies with Known Vulnerabilities | CWE-1104 | Use of Unmaintained Third-party Components |
| MASWE-0077 | Running on a recent Platform Version Not Ensured | CWE-1105 | Insufficient Software Version Update |
| MASWE-0078 | Latest Platform Version Not Targeted | CWE-1105 | Insufficient Software Version Update |
| MASWE-0079 | App Runs on Jailbroken or Rooted Devices | CWE-862 | Incorrect Authorization |
| MASWE-0080 | App Runs on Emulator | CWE-325 | Missing Cryptographic Step |
| MASWE-0081 | Debugging Enabled | CWE-489 | Active Debug Code |
| MASWE-0082 | Developer Options Enabled | CWE-489 | Active Debug Code |
| MASWE-0083 | Unsafe Handling of Data From The User Interface | CWE-20 | Improper Input Validation |
| MASWE-0084 | Unsafe Handling of Data from IPC | CWE-20 | Improper Input Validation |
| MASWE-0085 | Insecure Inter-Process Communication | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0086 | SQL Injection | CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| MASWE-0087 | Insecure Parsing and Escaping | CWE-116 | Improper Encoding or Escaping of Output |
| MASWE-0088 | Insecure Object Deserialization | CWE-502 | Deserialization of Untrusted Data |
| MASWE-0089 | Improper Certificate Validation | CWE-295 | Improper Certificate Validation |
| MASWE-0090 | Improper Use of Platform APIs | CWE-749 | Exposed Dangerous Method or Function |
| MASWE-0091 | Sensitive Data in Logs | CWE-532 | Insertion of Sensitive Information into Log File |
| MASWE-0092 | Insecure Data Storage in External Devices | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0093 | Sensitive Data in Backup Files | CWE-212 | Improper Cross-boundary Removal of Sensitive Data |
| MASWE-0094 | Insecure Data Transmission Using Insecure Protocols | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0095 | Insecure Use of Third-party Libraries | CWE-1104 | Use of Unmaintained Third-party Components |
| MASWE-0096 | Unencrypted Sensitive Data Stored in Volatile Memory | CWE-311 | Missing Encryption of Sensitive Data |
| MASWE-0097 | Insecure Data Transmission Using Push Notifications | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0098 | Insecure Data Transmission Using Email | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0099 | Insecure Data Transmission Using Third-party Services | CWE-319 | Cleartext Transmission of Sensitive Information |
| MASWE-0100 | Insecure Data Storage in Temporary Files | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0101 | Insecure Data Storage in Local Databases | CWE-312 | Cleartext Storage of Sensitive Information |
| MASWE-0102 | Sensitive Data in Memory Dumps | CWE-226 | Sensitive Information in Data Storage Element |
| MASWE-0103 | Insecure Data Storage in Shared Drives | CWE-922 | Insecure Storage of Sensitive Information |
| MASWE-0104 | App Integrity Not Verified | CWE-353 | Missing Support for Integrity Check |
| MASWE-0105 | Integrity of App Resources Not Verified | CWE-353 | Missing Support for Integrity Check |
| MASWE-0106 | Official Store Verification Not Implemented | CWE-353 | Missing Support for Integrity Check |
| MASWE-0107 | Runtime Code Integrity Not Verified | CWE-353 | Missing Support for Integrity Check |
| MASWE-0108 | Sensitive Data in Network Traffic | CWE-319 | Cleartext Transmission of Sensitive Information |
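A small audit script for the task described in this issue, added here as an example and not part of the MASTG repository's own tooling. It assumes each MASWE file is markdown with a `---`-delimited YAML frontmatter whose `mappings:` block uses flow-style lists exactly like the MASWE-0041 excerpt above (`cwe: [603, 307, 287]`); it uses a minimal line parser instead of PyYAML so it runs without dependencies, and the sample files are constructed, not real MASWE content.

```python
"""Report MASWE files whose frontmatter lacks a usable `cwe:` mapping."""
import re

# Frontmatter is the text between the opening and closing `---` lines.
FRONTMATTER = re.compile(r"\A---\n(.*?)\n---", re.S)
# One indented flow-style list entry inside `mappings:`, e.g. `  cwe: [603, 307]`.
LIST_LINE = re.compile(r"^\s+([\w-]+):\s*\[(.*?)\]\s*$")


def parse_mappings(markdown: str) -> dict:
    """Return {mapping_key: [values]} from the frontmatter `mappings:` block."""
    match = FRONTMATTER.match(markdown)
    if not match:
        return {}
    mappings, inside = {}, False
    for line in match.group(1).splitlines():
        if line.strip() == "mappings:":
            inside = True
            continue
        if inside and not line.startswith(" "):
            break  # left the indented mappings block
        entry = LIST_LINE.match(line) if inside else None
        if entry:
            key, body = entry.groups()
            mappings[key] = [v.strip() for v in body.split(",") if v.strip()]
    return mappings


def audit_cwe(markdown: str) -> list:
    """List problems with the `cwe:` mapping: missing, empty, or non-numeric IDs."""
    mappings = parse_mappings(markdown)
    if "cwe" not in mappings:
        return ["missing cwe mapping"]
    problems = []
    if not mappings["cwe"]:
        problems.append("empty cwe list")
    for value in mappings["cwe"]:
        if not value.isdigit():  # the repo stores bare integers (532), not "CWE-532"
            problems.append(f"non-numeric cwe id: {value}")
    return problems


# Constructed sample files (assumed format; not real MASWE content).
MASWE_OK = "---\nid: MASWE-0041\nmappings:\n  masvs-v1: [MSTG-AUTH-1]\n  masvs-v2: [MASVS-AUTH-2]\n  cwe: [603, 307, 287]\n---\n# body\n"
MASWE_MISSING = "---\nid: MASWE-0001\nmappings:\n  masvs-v2: [MASVS-STORAGE-1]\n---\n"
MASWE_BAD = "---\nid: MASWE-0002\nmappings:\n  cwe: [CWE-200]\n---\n"

if __name__ == "__main__":
    for doc in (MASWE_OK, MASWE_MISSING, MASWE_BAD):
        print(parse_mappings(doc).get("cwe"), audit_cwe(doc))
```

Run it over every `weaknesses/**/*.md` file to get the list of MASWE entries that still need a mapping before the suggested table is merged.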
cpholguera commented 3 months ago

Assigned to @poffo-mobisec. Expected: September 2024