About OWASP
OWASP stands for Open Web Application Security Project is a nonprofit organization aimed for improving Web Application Securities. It is an open source community based project where anyone can participate and contribute to OWASP related to the projects and more.
About OWASP Top 10
The OWASP Top 10 is a list of the 10 most important security risks affecting web applications. It is used to help developers to secure their applications better.
What are the OWASP Top 10 Vulnerabilities?
Well, OWASP released their Top 10 Vulnerabilities in 2021. Here are the detailed information about the top 10 vulnerabilities.
A01. Broken Access Control
If these types of Vulnerabilities exists in a system then the attacker can function as an user or as an administrator of that particular vulnerable system.
Scenario
Let’s Suppose their is a website called “xyz.com” and their are two users. One is Bob and another is Alice. Here Bob is an attacker and Alice is a normal user or an Admin. There are some IDs are assigned to those users. For an example Bob has the ID which is “S098761” where Bob is only allowed to logged in to his ID and can view his information only. In another end Alice has a ID which is “Do45610” where Only Alice is only allowed to logged in to his ID and can view his information only. If Alice is an admin then in that case he can view or access every users details. For this Scenario Bob is just a normal user.
So if Bob can intercept the request of Alice ID and able to change the ID of Alice and able to access the information then there is a broken access control vulnerability. E.g. Bob changed the ID of Alice from Do45610 to S098761 and controlling the ID of Alice.
A02. Cryptographic Failure
If these types of vulnerabilities exists then the important stored or transmitted data will be compromise such as credit card numbers, Social security numbers and Personal data like phone number, email etc.
Scenario
Let’s suppose the website “xyz” have no cryptographic mechanism in their system. So in this case the data is not encrypted and it is easy to bruteforce and get sensitive data.
A03. Injection
If these types of vulnerabilities exists then invalid data can be sent by an attacker into a web application in order to make the application do something it was not designed to do by the normal user.
Scenario
An awebsite called “xyz.com” uses untrusted data when constructing a vulnerable SQL call. In this attack an attacker can inject the code and takeover the database or some sensitive information of the “xyz.com” website.
A04. Insecure Design
These vulnerabilities are exists due to lack of security implementation in an application at the time of development. It denotes that the best practices for the designing an application has not been taken into consideration.
Scenario
Lets support there’s a website called “xyz.com” which does not have rate limiting against the endpoints of products which is used to add the product in the smartphone. The website usually sells some of the limited products which usually comes in the quantity of 200-400 usually. Now since the rate limiting has not been applied some of the malicious user might use bots who regularly check when the product is available and once the product is available they purchase most of their quantity and then resell it. So the users who are genuinely looking for the product won’t get it and due to heavy requests they will never be successful in purchasing a product.
A05. Security Misconfiguration
Security Misconfiguration happened when security settings are implemented and maintained as defaults.
Scenario
Let’s suppose “xyz.com” website has a database and where their databases credentials is default such as username is admin and password is password.
A06. Vulnerable and Outdated Components
Vulnerable and Outdated Component based vulnerabilities happens when a software component is unsupported, outdated or vulnerable to a known exploit. It can includes OS, Database, API and Server etc.
Scenario
Lets suppose a company called “xyz” using an Apache server version of 2.0 which is already vulnerable to SQL Injection. So in this case an attacker will be easily attack their server due to this vulnerable and outdated version.
A07. Identification and Authentication Failures
These can be related to authentication and session management, when implemented incorrectly, it allows attackers to compromise passwords, and sessions which can lead to stolen user’s identity and more.
Scenario
Lets suppose “xyz” website allows the use of weak or easy to guess passwords such as password, user123 etc.
A08. Software and Data Integrity Failures
These types of vulnerabilities happens when the identity of the apps or data is not checked or verification process is not well rounded that is like it can be bypassed or validation failure still lets the app to run.
Scenario
An application deserializes attacker supplied hostile objects, opening itself to vulnerability.
A09. Security Logging and Monitoring Failures
Logging and monitoring are quite critical and their absence or failures can directly impact visibility, incident alerting. Although it’s quite important to have a functional logging and monitoring system to collect logs and also give alerts if any malfunctions or errors happen, otherwise these can go unnoticed for a long time and cause a lot more damage.
Scenario
Let’s suppose “xyz.com” website has no limited login attempts in their system. So in this case it will be easy to bruteforce a user’s account as there’s no limited login attempts in the system. Apart from that let’s suppose also “xyz.com” website has no audit mechanism to capture the logs and important activities. So in this case it’s also a very risky factor for any website or application.
A10. Server-Side Request Forgery
Server Side Request Forgery (SSRF) attacks are used to target internal systems that are behind firewalls and are not accessible from the external network. It can be exploited to access internally running services like SSH, localhost, FTP etc. In a normal SSRF attack the attacker might cause the server to make a connection to internal services within the organization’s infrastructure which is not authorized for an external user.
Scenario
Let’s suppose “xyz.com” is only accepts png and jpg file can be uploaded in their server, but if you can exploit and able to upload a svg file or another file and that’s executed which is actually shouldn’t be accepted by the server then in that case that will be vulnerable to SSRF attack.
I hope you enjoyed this post. If you really like this post then give your reaction and don’t forget to share it with others 🙂
Thank you for reading this and have a nice stay there!