10.09.2024
58
ТОП-10 OWASP 2024
Reading time: 2 minutes
A01:2021-Broken Access Control перемещается с пятой позиции в категорию с наиболее серьезным риском безопасности веб-приложений; предоставленные данные показывают, что в среднем 3,81% протестированных приложений имели один или несколько Common Weakness Enumerations (CWE) с более чем 318 тыс. случаев CWE в этой категории риска. 34 CWE, сопоставленные с Broken Access Control, имели больше случаев в приложениях, чем в любой другой категории. A02:2021-Cryptographic Failures перемещается на одну позицию вверх на #2, ранее известный как A3:2017-Sensitive Data Exposure, что было общим симптомом, а не первопричиной.
A01:2021-Broken Access Control moves up from the fifth position to the category with the most serious web application security risk; the contributed data indicates that on average, 3.81% of applications tested had one or more Common Weakness Enumerations (CWEs) with more than 318k occurrences of CWEs in this risk category. The 34 CWEs mapped to Broken Access Control had more occurrences in applications than any other category. A02:2021-Cryptographic Failures shifts up one position to #2, previously known as A3:2017-Sensitive Data Exposure, which was broad symptom rather than a root cause.
A01:2021-Broken Access Control moves up from the fifth position to the category with the most serious web application security risk; the contributed data indicates that on average, 3.81% of applications tested had one or more Common Weakness Enumerations (CWEs) with more than 318k occurrences of CWEs in this risk category. The 34 CWEs mapped to Broken Access Control had more occurrences in applications than any other category. A02:2021-Cryptographic Failures shifts up one position to #2, previously known as A3:2017-Sensitive Data Exposure, which was broad symptom rather than a root cause.
10.09.2024
58