OWASP TOP 10 VULNERABILITIES EXPLAINED 2021 EDITION.
WHAT IS OWASP TOP 10?
WHAT IS OWASP RISK RATING METHODOLOGY?
THE OWASP TOP 10 VULNERABILITIES EXPLAINED BELOW ARE :
(The ten categories and their order below follow the 2017 edition of the list. The 2021 edition renamed and reordered several of them: Broken Access Control moved to first place, Sensitive Data Exposure became Cryptographic Failures, XXE was folded into Security Misconfiguration, and Insecure Deserialization into Software and Data Integrity Failures.)
1. INJECTION
2. BROKEN AUTHENTICATION
3. SENSITIVE DATA EXPOSURE
4. XML EXTERNAL ENTITIES (XXE)
5. BROKEN ACCESS CONTROL
6. SECURITY MISCONFIGURATION
7. CROSS-SITE SCRIPTING (XSS)
8. INSECURE DESERIALIZATION
9. USING COMPONENTS WITH KNOWN VULNERABILITIES
10. INSUFFICIENT LOGGING AND MONITORING
"INJECTION"
Most applications keep their data in a database and talk to it through queries, most often written in Structured Query Language (SQL). Applications use SQL queries to read, add, change and delete data. Injection is a very serious weakness: it can give an intruder access to the database, together with the ability to read, modify or delete data that was never intended for them. An attacker can, for example, change someone else's account balance along with their first and last name, or steal that person's data. SQL injection is the best-known form, but the same flaw applies to any interpreter that is fed untrusted text: OS commands, LDAP, NoSQL queries, XPath.
The weakness is a consequence of untrusted user data being pasted into the query as part of its syntax, without validation or separation from the command. That allows an intruder to submit, through web forms or any other input, specially crafted values that "trick" the application into reading or writing data it should not. The reliable fix is to pass user data as bound parameters (prepared statements) rather than concatenating it into the query text.
Perhaps the most common example of this vulnerability is a SQL query built by string concatenation; OWASP gives the following example:
// Vulnerable: the untrusted "id" parameter is concatenated straight into the SQL text
String query = "SELECT * FROM accounts WHERE custID = '" + request.getParameter("id") + "'";
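The following Python example is added here to show the OWASP line above in action; it is not code from the page. It builds a small in-memory SQLite table (constructed sample data), runs the same concatenated query against an honest id and against a tautology payload, and then runs the parameterized version that bounds the value instead of interpolating it.

```python
import sqlite3

# Constructed sample data for this demonstration (not from the page).
SAMPLE_ACCOUNTS = [
    (1, "alice", 120.50),
    (2, "bob", 99.00),
    (3, "carol", 5000.00),
]


def make_db() -> sqlite3.Connection:
    """In-memory database with the accounts table the OWASP example queries."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (custID INTEGER, name TEXT, balance REAL)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", SAMPLE_ACCOUNTS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, cust_id: str) -> list:
    """Same construction as the Java line above: the request parameter becomes SQL text,
    so quote characters inside it change the meaning of the statement."""
    query = "SELECT * FROM accounts WHERE custID = '" + cust_id + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, cust_id: str) -> list:
    """Hardened form: the value is bound as a parameter and can never become SQL syntax."""
    query = "SELECT * FROM accounts WHERE custID = ?"
    return conn.execute(query, (cust_id,)).fetchall()


def demo() -> dict:
    """Row counts returned for an honest id and for a classic tautology payload."""
    conn = make_db()
    honest = "2"
    hostile = "' OR '1'='1"   # closes the quote, then makes the WHERE clause always true
    return {
        "vulnerable_honest": len(lookup_vulnerable(conn, honest)),
        "vulnerable_hostile": len(lookup_vulnerable(conn, hostile)),       # every row leaks
        "parameterized_honest": len(lookup_parameterized(conn, honest)),
        "parameterized_hostile": len(lookup_parameterized(conn, hostile)),  # no such customer
    }


if __name__ == "__main__":
    print(demo())
```

The hostile string turns the statement into `... WHERE custID = '' OR '1'='1'`, which matches every account; with a bound parameter the same string is just compared, as text, against the custID column and matches nothing.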
"BROKEN AUTHENTICATION"
A broken authentication vulnerability can allow an attacker to use manual and/or automated methods to gain control over any account they want in a system, or even worse, to gain complete control over the system.
Websites with broken authentication vulnerabilities are very common on the web. Broken authentication usually refers to logic issues in the application's authentication mechanism, such as weak session management, or login responses that permit username enumeration, where a malicious actor uses brute-force techniques to guess or confirm valid usernames in a system.
To reduce broken authentication risks, do not leave the administrator login page reachable by every visitor of the website; the default paths are well known:
• /administrator on Joomla!,
• /wp-admin/ on WordPress,
• /index.php/admin on Magento,
• /user/login on Drupal.
The second most common form of this flaw is allowing users to brute-force username/password combinations against those pages, with no rate limiting, lockout or alerting.
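As an added example (not code from the page), the Python login service below puts several of the countermeasures together: a memory-hard password hash, the same error message and the same amount of work for unknown and known usernames (no enumeration), a lockout after repeated failures, and a fresh session id issued on every successful login with server-side logout. It also serves the checklist of broken authentication conditions that follows. The policy constants and the `AuthService` class are hypothetical and exist only for this example.

```python
import hashlib
import hmac
import os
import secrets
import time

# Hypothetical policy values for this example; tune them to your own threat model.
MAX_FAILURES = 5                 # failed attempts before the account is throttled
LOCKOUT_SECONDS = 15 * 60        # how long the throttle lasts
GENERIC_ERROR = "Invalid username or password."   # identical text for every failure reason


def hash_password(password: str, salt: bytes) -> bytes:
    """Memory-hard password hash (scrypt, standard library); one random salt per user."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=2 ** 14, r=8, p=1)


# Used for unknown usernames so that response time does not reveal whether a user exists.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = hash_password("placeholder-password", _DUMMY_SALT)


class AuthService:
    def __init__(self, clock=time.time):
        self.clock = clock          # injectable so the lockout can be exercised in tests
        self.users = {}             # username -> (salt, password_hash)
        self.failures = {}          # username -> (count, time_of_last_failure)
        self.sessions = {}          # session id -> username

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[username] = (salt, hash_password(password, salt))

    def _locked(self, username: str) -> bool:
        count, last = self.failures.get(username, (0, 0.0))
        if count < MAX_FAILURES:
            return False
        if self.clock() - last >= LOCKOUT_SECONDS:
            self.failures.pop(username)     # lockout expired: start counting afresh
            return False
        return True

    def login(self, username: str, password: str, presented_session: str = None):
        """Return (True, new_session_id) on success, (False, GENERIC_ERROR) otherwise."""
        if self._locked(username):
            return False, GENERIC_ERROR
        salt, expected = self.users.get(username, (_DUMMY_SALT, _DUMMY_HASH))
        # Always do the hash and a constant-time compare, even for unknown users.
        ok = hmac.compare_digest(hash_password(password, salt), expected)
        if not ok or username not in self.users:
            count, _ = self.failures.get(username, (0, 0.0))
            self.failures[username] = (count + 1, self.clock())
            return False, GENERIC_ERROR
        self.failures.pop(username, None)
        # Rotate the session: whatever id the client held before authenticating is retired.
        if presented_session is not None:
            self.sessions.pop(presented_session, None)
        new_id = secrets.token_urlsafe(32)
        self.sessions[new_id] = username
        return True, new_id

    def logout(self, session_id: str) -> None:
        """Server-side invalidation; deleting the cookie on the client is not enough."""
        self.sessions.pop(session_id, None)

    def user_for(self, session_id: str):
        return self.sessions.get(session_id)
```

Two caveats a practitioner should keep in mind: a lockout keyed only by username lets an attacker lock legitimate users out, so production systems also throttle by source address and add a captcha or MFA step rather than a hard lock; and the failure counter above grows with every unknown username it sees, so it needs an expiry in a real deployment.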
According to the OWASP Top 10, broken authentication can take many forms. A web application contains a broken authentication vulnerability if it:
• Permits automated attacks such as credential stuffing, where the attacker has a list of valid usernames and passwords (typically leaked from another site).
• Permits brute force or other automated attacks.
• Permits default, weak, or well-known passwords, such as "Password1" or "admin/admin".
• Uses weak or ineffective credential recovery and forgot-password processes, such as "knowledge-based answers", which cannot be made safe.
• Stores passwords in plain text, encrypted (reversibly), or weakly hashed (fast, unsalted hashes such as MD5 or SHA-1).
• Has missing or ineffective multi-factor authentication.
• Exposes session IDs in the URL (e.g., URL rewriting).
• Does not rotate session IDs after successful login.
• Does not properly invalidate session IDs: user sessions or authentication tokens (particularly single sign-on (SSO) tokens) are not invalidated on logout or after a period of inactivity.
Most of these vulnerabilities come from writing insecure software. They can be attributed to many factors, such as developers' lack of security experience, but also to more institutional failures such as missing security requirements or organizations rushing releases, in other words choosing working software over secure software.
"SENSITIVE DATA EXPOSURE"
In the 2017 list this category covers failures to protect sensitive data such as financial records, health data, credentials and other personal information, both at rest and in transit. Typical causes are data sent or stored in clear text, weak or outdated cryptographic algorithms and keys, missing or misconfigured TLS, and passwords stored with fast, unsalted hashes. In the 2021 edition the category was broadened and renamed Cryptographic Failures.
"XML EXTERNAL ENTITIES (XXE)"
XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. It arises when an XML parser handles untrusted input with document type definitions (DTDs) and external entity resolution enabled: the attacker adds a DOCTYPE that declares an entity pointing at a local file or a URL, and the parser fetches it. It often allows an attacker to view files on the application server's filesystem and to interact with any back-end or external systems that the application itself can access.
In some situations, an attacker can escalate an XXE attack to compromise the underlying server or other back-end infrastructure by using the XXE flaw to perform server-side request forgery (SSRF) attacks. The standard fix is to disable DTDs (or at least external entity resolution) in every XML parser that touches untrusted data.
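As an added example (not code from the page), the Python snippet below shows what XXE probes look like on the wire and gates them before they reach a parser. The sample documents are constructed for this example; the file-read probe and the external-DTD probe are the two shapes described above (the second makes the parser fetch a DTD from an attacker URL, which can itself declare entities). The `classify` and `parse_untrusted` names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed documents (not from the page): one benign order and two hostile probes.
BENIGN = b"<order><item sku='A-100'/><note>leave at door</note></order>"
FILE_READ_PROBE = (
    b"<?xml version='1.0'?>"
    b"<!DOCTYPE order [<!ENTITY xxe SYSTEM 'file:///etc/passwd'>]>"
    b"<order><note>&xxe;</note></order>"
)
EXTERNAL_DTD_PROBE = (
    b"<!DOCTYPE order SYSTEM 'http://attacker.invalid/evil.dtd'>"
    b"<order><note>hi</note></order>"
)

_DOCTYPE = re.compile(rb"<!DOCTYPE\b", re.IGNORECASE)
_ENTITY = re.compile(rb"<!ENTITY\b", re.IGNORECASE)
_EXTERNAL_DTD = re.compile(rb"<!DOCTYPE[^>\[]*\b(SYSTEM|PUBLIC)\b", re.IGNORECASE)


def classify(document: bytes):
    """Return None for a DTD-free document, otherwise a label for what the DTD tries to do."""
    if not _DOCTYPE.search(document):
        return None
    if _ENTITY.search(document):
        return "entity-declaration"   # internal subset declares entities: file read, SSRF, expansion bombs
    if _EXTERNAL_DTD.search(document):
        return "external-dtd"         # parser would fetch a remote DTD, which can declare entities
    return "doctype"                  # looks harmless, but no API input needs a DTD at all


def parse_untrusted(document: bytes) -> ET.Element:
    """Refuse any DTD before the bytes reach a parser, then parse."""
    reason = classify(document)
    if reason is not None:
        raise ValueError(f"rejected XML input: {reason}")
    return ET.fromstring(document)
```

The pre-parse gate is deliberately blunt: rejecting every DOCTYPE also stops internal entity expansion attacks ("billion laughs"), and it protects code paths that later hand the same bytes to a different parser. It is a complement to, not a replacement for, configuring the parser itself; Python's expat-based `xml.etree` does not fetch external entities, but libxml2-based parsers such as lxml need `resolve_entities=False` and `no_network=True`, and the `defusedxml` package exists precisely to wrap the standard-library parsers with these protections.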
"BROKEN ACCESS CONTROL"
The essence of this vulnerability, as the name suggests, is the lack of verification that the caller is actually allowed to access the requested object. Most web applications check permissions before displaying data in the user interface. However, the same access control checks must be enforced on the server for every request to every function, including the many auxiliary requests that are sent asynchronously in the background (AJAX/XHR calls). If the server does not verify the caller's rights against the requested object, an attacker can simply change a parameter in the request (an object identifier, a user id, a role flag) and read or modify data without any permission.
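As an added example (not code from the page), here is the classic form of this flaw, an insecure direct object reference in an AJAX endpoint, next to the hardened handler. The records, the roles and the function names are constructed for this example.

```python
# Constructed records and roles (not from the page).
INVOICES = {
    1001: {"owner": "alice", "total": 42.00},
    1002: {"owner": "bob", "total": 1999.99},
}
ROLES = {"alice": "customer", "bob": "customer", "mallory": "customer", "ops": "support"}


class Forbidden(Exception):
    """Raised for both 'not yours' and 'does not exist', so ids cannot be enumerated."""


def get_invoice_vulnerable(session_user: str, invoice_id: int) -> dict:
    """IDOR: the handler trusts the identifier in the request and never asks who is calling."""
    return INVOICES[invoice_id]


def get_invoice(session_user: str, invoice_id: int) -> dict:
    """Server-side check on every request: identity from the session, deny by default."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None:
        raise Forbidden()
    role = ROLES.get(session_user)             # unknown user -> no role -> denied
    if invoice["owner"] == session_user or role == "support":
        return invoice
    raise Forbidden()


def handle_request(session_user: str, params: dict) -> dict:
    """An AJAX endpoint: only the invoice id is taken from the request. A 'user' field
    supplied by the client is ignored; the authenticated session names the caller."""
    try:
        invoice_id = int(params["invoice"])
    except (KeyError, ValueError):
        raise Forbidden()
    return get_invoice(session_user, invoice_id)
```

Note that the vulnerable version is not wrong because of a missing input check on the id; it is wrong because it never relates the id to the caller. Hiding the id, making it a UUID or checking it in the browser does not fix that.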
"SECURITY MISCONFIGURATION"
One widely quoted estimate is that up to 95% of cloud breaches result from human error, which leads us to the next vulnerability, security misconfiguration. This vulnerability refers to security controls that exist but are set up improperly or left at insecure defaults: unpatched systems, frameworks and components, unnecessary features or services enabled, default accounts and passwords left in place, verbose error messages that leak stack traces, directory listing, missing security headers, and cloud storage or permissions that are open to the world. Developers are mostly focused on the functionality of the site rather than its security, so such settings go unnoticed, while an attacker who probes the configuration finds ready-made ways in. The most common reason for this vulnerability is not patching or upgrading systems, frameworks and components.
"CROSS-SITE SCRIPTING (XSS)"
Cross-site scripting is a type of security vulnerability typically found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users; because the injected script runs in the victim's browser as part of the vulnerable site, it inherits that site's origin and so bypasses the protection the same-origin policy would otherwise provide.
Cross-site scripting works by manipulating a vulnerable website so that it returns malicious JavaScript to users. When the malicious code executes inside a victim's browser, the attacker can fully compromise the victim's interaction with the application: read the page, steal session tokens that are not marked HttpOnly, and perform actions as that user.
This attack can be prevented by treating all user input as untrusted, encoding output for the context it is inserted into (HTML body, attribute, JavaScript, URL), validating or filtering input, and using a Content Security Policy and other appropriate response headers. The most common proof-of-concept payload for an XSS attack is:
<script>alert(1)</script>
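As an added example (not code from the page), the Python rendering functions below show the payload above landing in two different output contexts, and the context-specific encoding that neutralises it, plus the response headers that limit the damage if an encoding is ever missed. The template fragments, the attribute-context payload and the function names are constructed for this example.

```python
import html

# Constructed attacker inputs: the page's own payload and an attribute-context variant.
BODY_PAYLOAD = "<script>alert(1)</script>"
ATTR_PAYLOAD = '" autofocus onfocus="alert(1)'


def render_comment_vulnerable(comment: str) -> str:
    """Reflects the value into element content as-is: the browser runs the script."""
    return '<div class="comment">' + comment + "</div>"


def render_comment(comment: str) -> str:
    """Element-content context: encode & < > (and quotes) so the text can only ever be text."""
    return '<div class="comment">' + html.escape(comment) + "</div>"


def render_search_box_vulnerable(query: str) -> str:
    """Attribute context without encoding: a quote in the input ends the attribute value
    and the rest of the input becomes new attributes, here an event handler."""
    return '<input name="q" value="' + query + '">'


def render_search_box(query: str) -> str:
    """Attribute context: the value is always quoted and quotes inside it are encoded."""
    return '<input name="q" value="' + html.escape(query, quote=True) + '">'


def security_headers() -> dict:
    """Headers that restrict what an injected script could do even if an encoding is missed:
    no inline scripts, scripts only from our own origin, no plugins, no <base> hijacking."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; "
                                   "object-src 'none'; base-uri 'none'",
        "X-Content-Type-Options": "nosniff",
    }
```

HTML encoding is only correct for HTML body and attribute contexts. A value placed inside a `<script>` block or a `javascript:`/URL position needs a JavaScript or URL encoder respectively, and a value that must be rendered as HTML needs a sanitizer with an element allowlist. The CSP above works because it contains no `'unsafe-inline'`; if the site needs inline scripts, use a per-response nonce rather than re-enabling inline execution.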
"INSECURE DESERIALIZATION"
An insecure deserialization vulnerability arises when an application deserializes data that an attacker controls. Depending on the format and the classes available to the deserializer, it can allow the attacker to execute code remotely on the application, tamper with or delete serialized objects (for example session or profile data kept in a cookie, a database or on disk), conduct injection and replay attacks, and elevate privileges. The issue is also known as untrusted deserialization. It is a serious application security issue that affects many modern systems, particularly those using native object serialization such as Java serialization, PHP's unserialize, .NET formatters or Python's pickle.
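As an added example (not code from the page), the Python snippet below shows why "deserializing" is really "executing": a pickle produced by an attacker makes `pickle.loads` call a function of the attacker's choosing. The payload here runs a harmless `echo` so the effect can be observed; a real one would run anything. Two hardened alternatives follow: a data-only format checked against a schema, and, where a binary format cannot be avoided, authenticating the blob before it is deserialized. The class, function names and the key are hypothetical.

```python
import hashlib
import hmac
import json
import pickle
import subprocess


class Exploit:
    """Any object whose __reduce__ names a callable: pickle.loads will call it on load."""
    def __reduce__(self):
        # Harmless stand-in for an attacker's command; the callable could be anything importable.
        return (subprocess.check_output, (["echo", "code ran during deserialization"],))


def attacker_payload() -> bytes:
    return pickle.dumps(Exploit())


def load_untrusted_with_pickle(blob: bytes):
    """Vulnerable: the bytes decide what gets executed before any business logic runs."""
    return pickle.loads(blob)


# Hardened alternative 1: a data-only format with an explicit, closed schema.
ALLOWED_FIELDS = {"user_id": int, "cart": list}


def load_profile_json(text: str) -> dict:
    data = json.loads(text)                      # JSON cannot express "call this function"
    if not isinstance(data, dict) or set(data) != set(ALLOWED_FIELDS):
        raise ValueError("unexpected shape")
    for key, expected_type in ALLOWED_FIELDS.items():
        if not isinstance(data[key], expected_type):
            raise ValueError(f"bad type for {key}")
    return data


# Hardened alternative 2: only deserialize blobs the server itself produced, proven by an HMAC.
SECRET = b"hypothetical-server-side-key-keep-out-of-source"   # placeholder for a managed secret


def sign(blob: bytes) -> bytes:
    return hmac.new(SECRET, blob, hashlib.sha256).digest() + blob


def make_signed_profile(data: dict) -> bytes:
    return sign(pickle.dumps(data))


def load_signed(signed: bytes):
    tag, blob = signed[:32], signed[32:]
    if not hmac.compare_digest(tag, hmac.new(SECRET, blob, hashlib.sha256).digest()):
        raise ValueError("signature check failed; refusing to deserialize")
    return pickle.loads(blob)
```

The signature approach only holds as long as the key stays secret and the server never serializes objects built from attacker input; prefer the data-only format whenever the consumer does not genuinely need object graphs.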
"USING COMPONENTS WITH KNOWN VULNERABILITIES"
Known vulnerabilities are vulnerabilities that have been discovered in (mostly open source) components and published in the NVD (National Vulnerability Database), vendor security advisories and project issue trackers. From the moment of publication, anyone who reads the advisory can attempt to exploit the vulnerability, and working exploits often follow quickly. According to OWASP, the problem of using components with known vulnerabilities is highly prevalent. Moreover, the use of open source components is so widespread that many development leaders do not even know which components, in which versions, they ship. The possible impact of open source vulnerabilities ranges from minor to some of the largest breaches known, which is why keeping an inventory of components and continuously checking it against published advisories is the core control.
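As an added example (not code from the page), the Python snippet below does, in miniature, what a software composition analysis tool does: parse a pinned dependency list into an inventory and match each version against advisory ranges. The package names and advisories are entirely constructed for this example and do not describe real software.

```python
import re

# Constructed inventory and advisories (hypothetical package names, not real vulnerabilities).
REQUIREMENTS = """\
# pinned dependencies of a hypothetical service
acme-parser==1.4.2
widgetlib==0.9.0
tokenkit==2.3.1
"""

ADVISORIES = [
    {"id": "ADV-0001", "package": "acme-parser", "introduced": "1.0", "fixed": "1.4.3"},
    {"id": "ADV-0002", "package": "widgetlib", "introduced": "0.9.0", "fixed": "1.0.0"},
    {"id": "ADV-0003", "package": "tokenkit", "introduced": "2.0", "fixed": "2.3.0"},
]


def parse_version(text: str) -> tuple:
    """Dotted numeric versions only ("1.4" sorts before "1.4.0" here); real code should use
    packaging.version, which understands PEP 440 pre-releases and post-releases."""
    return tuple(int(part) for part in text.split("."))


def parse_requirements(text: str) -> dict:
    """name -> version for 'name==version' lines; comments and blanks are skipped.
    Unpinned lines are an error: an inventory that cannot name the version is useless."""
    inventory = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.fullmatch(r"([A-Za-z0-9_.-]+)==([0-9.]+)", line)
        if not m:
            raise ValueError(f"unpinned or unparsable requirement: {line!r}")
        inventory[m.group(1).lower()] = m.group(2)
    return inventory


def affected(version: str, advisory: dict) -> bool:
    """Vulnerable if introduced <= version < fixed (the usual advisory range shape)."""
    v = parse_version(version)
    return parse_version(advisory["introduced"]) <= v < parse_version(advisory["fixed"])


def audit(requirements: str, advisories: list) -> list:
    """Return (advisory id, package, installed version, fixed version) for each vulnerable pin."""
    inventory = parse_requirements(requirements)
    findings = []
    for adv in advisories:
        installed = inventory.get(adv["package"])
        if installed is not None and affected(installed, adv):
            findings.append((adv["id"], adv["package"], installed, adv["fixed"]))
    return findings
```

In practice the advisory feed comes from the NVD, GitHub Security Advisories or the OSV database, and tools such as pip-audit, npm audit or OWASP Dependency-Check do this matching, including transitive dependencies that a requirements file does not list; the exercise above shows what the inventory has to contain for that matching to be possible at all.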
"INSUFFICIENT LOGGING AND MONITORING"
An insufficient logging and monitoring vulnerability occurs when security-critical events (logins, failed logins, access control failures, input validation failures, high-value transactions) are not logged, or are logged without enough context (who, what, when, outcome, source), and when nobody monitors or alerts on those logs. Without this, malicious activity is much harder to detect, attackers keep their access for longer, and incident handling suffers because there is no reliable record from which to reconstruct what happened.
Log monitoring is important for more than security. Log management tools analyze logs and find problems within them, allowing site reliability engineers to spend more time solving problems and less time searching for them or responding to emergencies, which helps prevent downtime on your sites and servers and saves the company valuable time and money.
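As an added example (not code from the page), the Python snippet below runs a simple detection over constructed authentication log lines: it parses each event and raises one alert per source address that produces a threshold of login failures inside a sliding time window. The log format, the addresses (from the documentation ranges) and the function names are constructed for this example; the point is that the detection is only possible because each failure was logged with a timestamp, a username and a source.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not from the page). Every authentication decision is logged
# with who, what, when, outcome and source.
LOG_LINES = """\
2021-09-01T10:00:01Z login failure user=alice src=203.0.113.5
2021-09-01T10:00:03Z login failure user=bob src=203.0.113.5
2021-09-01T10:00:04Z login failure user=carol src=203.0.113.5
2021-09-01T10:00:06Z login success user=dave src=198.51.100.7
2021-09-01T10:00:07Z login failure user=dave src=203.0.113.5
2021-09-01T10:00:09Z login failure user=erin src=203.0.113.5
2021-09-01T10:00:12Z login failure user=frank src=203.0.113.5
2021-09-01T10:05:00Z login failure user=dave src=198.51.100.7
2021-09-01T10:20:00Z login failure user=dave src=198.51.100.7
"""

LINE = re.compile(
    r"^(?P<ts>\S+) login (?P<outcome>success|failure) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line: str) -> dict:
    """One structured event per line; an unparsable line is an error, not silently skipped,
    because a gap in the evidence is itself worth knowing about."""
    m = LINE.match(line)
    if not m:
        raise ValueError(f"unrecognised log line: {line!r}")
    event = m.groupdict()
    event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return event


def detect_bruteforce(lines: str, threshold: int = 5, window: timedelta = timedelta(minutes=1)) -> list:
    """Alert once per source that produces `threshold` login failures within `window`.
    Distinct usernames from one source inside the window indicate password spraying."""
    recent = defaultdict(deque)      # src -> (timestamp, user) of failures still inside the window
    alerted = set()
    alerts = []
    for raw in lines.splitlines():
        if not raw.strip():
            continue
        event = parse_line(raw)
        if event["outcome"] != "failure":
            continue
        q = recent[event["src"]]
        q.append((event["ts"], event["user"]))
        while q and event["ts"] - q[0][0] > window:
            q.popleft()
        if len(q) >= threshold and event["src"] not in alerted:
            alerted.add(event["src"])
            alerts.append({
                "src": event["src"],
                "count": len(q),
                "distinct_users": len({user for _, user in q}),
                "first": q[0][0],
                "last": event["ts"],
            })
    return alerts
```

A real pipeline would stream events rather than re-read a file, and would act on the alert (block the source, step up authentication, page an analyst), but the shape of the rule is the same.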
That's all, hope you guys like this information.
Thank You !!