Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion working_copy/humanv1.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ Generated from [machine readable version](machinev1). Please **DO NOT** edit thi
| Vulnerable | DDoS Amplifier | Publicly accessible services that can be abused for conducting DDoS reflection/amplification attacks, e.g., DNS open-resolvers or NTP servers with monlist enabled. |
| Vulnerable | Potentially Unwanted Accessible Services | Potentially unwanted publicly accessible services, e.g., Telnet, RDP or VNC. |
| Vulnerable | Information disclosure | Publicly accessible services potentially disclosing sensitive information, e.g., SNMP or Redis. |
| Vulnerable | Vulnerable System | A system which is vulnerable to certain attacks, e.g., misconfigured client proxy settings (such as WPAD), outdated operating system version, or cross-site scripting vulnerabilities. |
| Vulnerable | Vulnerable System | A system which is vulnerable to certain attacks, e.g., misconfigured client proxy settings (such as WPAD), outdated operating system version, cross-site scripting vulnerabilities or weak access control (missing password complexity and length controls, missing or poor authentication factors, presence of default account names/passwords, no Segregation of Duties, etc.). |
| Other | Uncategorised | All incidents which don't fit in one of the given categories should be put into this class or the incident is not categorised. |
| Other | Undetermined | The categorisation of the incident is unknown/undetermined. |
| Test | Test | Meant for testing. |
2 changes: 1 addition & 1 deletion working_copy/machinev1
Original file line number Diff line number Diff line change
Expand Up @@ -218,7 +218,7 @@
"value": "information-disclosure"
},
{
"description": "A system which is vulnerable to certain attacks, e.g., misconfigured client proxy settings (such as WPAD), outdated operating system version, or cross-site scripting vulnerabilities.",
"description": "A system which is vulnerable to certain attacks, e.g., misconfigured client proxy settings (such as WPAD), outdated operating system version, cross-site scripting vulnerabilities or weak access control (missing password complexity and length controls, missing or poor authentication factors, presence of default account names/passwords, no Segregation of Duties, etc.).",
"expanded": "Vulnerable System",
"value": "vulnerable-system"
}
Expand Down