
Top 10 2013-A5-Security Misconfiguration - OWASP

Security misconfiguration can lead to unauthorized access and system compromise. Learn how to prevent it and avoid costly recovery.

Overview

Security misconfiguration can happen at any level of an application stack: the platform, web server, application server, database, framework, and custom code. Vendor defaults are frequently insecure, so secure settings have to be defined, deployed, and then maintained as the stack changes. Developers and system administrators need to work together to ensure that the entire stack is configured properly.


Description

Security misconfiguration can give an attacker unauthorized access to the system, or knowledge about it that makes other attacks easier. Typical entry points are default accounts, unused pages, unpatched flaws, and unprotected files and directories. The result can range from disclosure of internal details to compromise of the entire system, with data stolen or modified over time. Recovery is expensive.


How to Prevent?

To prevent security misconfiguration, establish a repeatable hardening process that makes it fast and easy to deploy another properly locked-down environment. Development, QA, and production environments should be configured identically, with different credentials in each, and the process should be automated so that setting up a new secure environment takes minimal effort. Keep all deployed software up to date, including code libraries, and apply patches in a timely manner. Maintain a strong application architecture that provides secure separation between components. Periodically run scans and audits to detect misconfigurations or missing patches before an attacker does.


Example Attack Scenarios:

  • Scenario #1: Default admin console with unchanged passwords:  The attacker discovers that the application server admin console is installed and the default accounts have not been changed. They log in with the default password and take over the system.

  • Scenario #2: Directory listing not disabled:  The attacker discovers that directory listing is not disabled on the server. They list directories and find files, including compiled Java classes, which they download, decompile, and reverse engineer to read the application's logic, where they find a serious access control flaw.

  • Scenario #3: App server reveals stack traces in error messages:  The attacker exploits an application server configuration that returns stack traces to users. They use the extra information in the error messages (class names, file paths, framework versions) to locate underlying flaws.

  • Scenario #4: Sample applications with known flaws on production server:  The attacker discovers that the application server's sample applications were never removed from the production server. These sample applications have well-known security flaws that the attacker uses to compromise the server.
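The prevention section above calls for periodic scans, and the four scenarios describe exactly what such a scan should look for. The script below is an added example, not part of the OWASP text or of any product this page describes: it probes a web root for the four symptoms (admin console accepting default credentials, directory listing, stack traces in error pages, sample applications) through a `fetch(path, headers)` callable, so the same checks run offline against the constructed in-memory fixture included here or, via `http_fetcher`, against a host you are authorized to test. The admin paths, credential pairs, directory names, and fixture responses are assumptions chosen to mirror the scenarios; replace them with the documented defaults of the products you actually run.

```python
"""Black-box probe for the four A5 scenarios described on this page.

Added illustration, not OWASP's own text or tooling. Every path,
credential pair and fixture response below is an assumption chosen to
mirror the scenarios; adapt the lists to the products you actually run.
"""
import base64
import re
from typing import Callable, Dict, List, Tuple
from urllib.error import HTTPError
from urllib.request import Request, urlopen

Response = Tuple[int, str]                           # (HTTP status, body)
Fetcher = Callable[[str, Dict[str, str]], Response]  # fetch(path, headers)

# Hypothetical probe lists (assumptions, not vendor data).
ADMIN_PATHS = ["/manager/html", "/host-manager/html"]
DEFAULT_CREDS = [("admin", "admin"), ("tomcat", "tomcat"), ("admin", "")]
LISTING_PATHS = ["/", "/static/", "/classes/", "/backup/"]
SAMPLE_APP_PATHS = ["/examples/", "/docs/"]
ERROR_PROBE_PATH = "/does-not-exist-%27"   # odd path meant to provoke an error page

# Apache renders "Index of /...", Tomcat "Directory Listing For /..." as the title.
DIR_LISTING_RE = re.compile(r"<title>\s*(Index of /|Directory Listing For /)", re.I)
STACK_TRACE_RE = re.compile(
    r"\bat [\w$.]+\([\w$]+\.java:\d+\)"        # Java frame: at pkg.Cls.method(Cls.java:42)
    r"|Traceback \(most recent call last\)"     # Python traceback header
)

def _basic(user: str, pw: str) -> Dict[str, str]:
    token = base64.b64encode(f"{user}:{pw}".encode()).decode()
    return {"Authorization": f"Basic {token}"}

def check_admin_console(fetch: Fetcher) -> List[str]:
    """Scenario #1: admin console exposed, or protected only by default credentials."""
    findings = []
    for path in ADMIN_PATHS:
        status, _ = fetch(path, {})
        if status == 200:
            findings.append(f"{path}: admin console reachable without authentication")
        elif status == 401:
            for user, pw in DEFAULT_CREDS:
                if fetch(path, _basic(user, pw))[0] == 200:
                    findings.append(f"{path}: default credentials {user!r}:{pw!r} accepted")
                    break
    return findings

def check_directory_listing(fetch: Fetcher) -> List[str]:
    """Scenario #2: the server renders an index page for a directory."""
    findings = []
    for path in LISTING_PATHS:
        status, body = fetch(path, {})
        if status == 200 and DIR_LISTING_RE.search(body):
            findings.append(f"{path}: directory listing enabled")
    return findings

def check_stack_traces(fetch: Fetcher) -> List[str]:
    """Scenario #3: the error page leaks a stack trace."""
    status, body = fetch(ERROR_PROBE_PATH, {})
    if STACK_TRACE_RE.search(body):
        return [f"{ERROR_PROBE_PATH}: HTTP {status} body contains a stack trace"]
    return []

def check_sample_apps(fetch: Fetcher) -> List[str]:
    """Scenario #4: vendor sample applications are still deployed."""
    return [f"{p}: sample application present" for p in SAMPLE_APP_PATHS if fetch(p, {})[0] == 200]

def scan(fetch: Fetcher) -> List[str]:
    """Run all four checks and return the combined list of findings."""
    findings: List[str] = []
    for check in (check_admin_console, check_directory_listing, check_stack_traces, check_sample_apps):
        findings.extend(check(fetch))
    return findings

def http_fetcher(base_url: str) -> Fetcher:
    """Fetcher for a host you are authorized to test; 4xx/5xx bodies are kept for inspection."""
    def fetch(path: str, headers: Dict[str, str]) -> Response:
        req = Request(base_url.rstrip("/") + path, headers=headers)
        try:
            with urlopen(req, timeout=5) as resp:
                return resp.status, resp.read(65536).decode("utf-8", "replace")
        except HTTPError as err:
            return err.code, err.read(65536).decode("utf-8", "replace")
    return fetch

# Constructed fixture: an in-memory "server" exhibiting all four misconfigurations.
FIXTURE = {
    "/": (200, "<html><title>Welcome</title></html>"),
    "/classes/": (200, "<title>Directory Listing For /classes/</title><a href='Login.class'>Login.class</a>"),
    "/examples/": (200, "<title>Apache Tomcat Examples</title>"),
    ERROR_PROBE_PATH: (500, "HTTP Status 500\njava.lang.NullPointerException\n\tat com.example.App.handle(App.java:42)"),
}
FIXTURE_MANAGER_AUTH = _basic("tomcat", "tomcat")["Authorization"]  # the fixture's unchanged default

def fixture_fetch(path: str, headers: Dict[str, str]) -> Response:
    if path == "/manager/html":
        ok = headers.get("Authorization") == FIXTURE_MANAGER_AUTH
        return (200, "<title>/manager</title>") if ok else (401, "Unauthorized")
    return FIXTURE.get(path, (404, "Not Found"))

if __name__ == "__main__":
    for line in scan(fixture_fetch):
        print(line)
```

Against the fixture the scan reports one finding per scenario; against a correctly hardened host (admin console removed or behind non-default credentials, listings off, a generic error page, sample apps deleted) every check returns an empty list, which is the condition a deployment pipeline should gate on. Swap `fixture_fetch` for `http_fetcher("https://staging.example.internal")` to run the same checks live.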
