Skip to content

TERNA PR11 (Update machinev1)#102

Open
smazzucco wants to merge 1 commit into
enisaeu:masterfrom
smazzucco:patch-9
Open

TERNA PR11 (Update machinev1)#102
smazzucco wants to merge 1 commit into
enisaeu:masterfrom
smazzucco:patch-9

Conversation

@smazzucco

Copy link
Copy Markdown

Proposal for implementing "Weak Access Control (password, profiles, authentication factors)" at INCIDENT EXAMPLES (2ND COLUMN) to reflect this type of common vulnerabilities verified by on-field experience.

Proposal for implementing "Weak Access Control (password, profiles, authentication factors)" at INCIDENT EXAMPLES (2ND COLUMN) to reflect this type of common vulnerabilities verified by on-field experience.
Comment thread working_copy/machinev1
{
"description": "Weak password complexity and length controls, missing or poor authentication factors (e.g. captcha code, OTP, etc.), presence of default account/password, breach of SoD rules, broken certificates, etc.",
"expanded": "Weak Access Control (password, profiles, authentication factors)",
"value": "weak access control"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"value": "weak access control"
"value": "weak-access-control"

@amicaross

Copy link
Copy Markdown
Collaborator

suggestion to add in the description of "Vulnerable System" weak access control lead to Vulnerable System. please open another PR accordingly if agree.

sebix added a commit to sebix/Reference-Security-Incident-Taxonomy-Task-Force that referenced this pull request Jan 19, 2022
as proposed in
enisaeu#102
and discussed in the meeting 2021-05-26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants