Project

General

Profile

Actions
Copy link

Bug #89

closed

Feature #65: Security Audit

[Security Audit ] 24- Improper Error Handling

Added by Kalyan Battula about 1 year ago. Updated 7 months ago.

Status:
Closed
Priority:
Low
Assignee:
Uday Kumar Dara
Category:
-
Target version:
Security Audit
Start date:
17/04/2024
Due date:
% Done:

0%

Estimated time:
Deployed In:
Category:

Description

24- Improper Error Handling
CWE : CWE-388
Description :
Application discloses various error messages including stacktraces, exceptions, server
versions etc., in error messages.
Affected Path(s) :
/(Webserver)
Impact :
An adversary can use this information to construct further attacks.
Recommendation :
It is recommended to implement custom error pages and implement throughout the
application.
Evidence/Proof Of Concept :
Step 1: Improper Error Handling as shown in below screenshot.

Files

clipboard-202404171607-nnrr9.png (31.8 KB) clipboard-202404171607-nnrr9.png Kalyan Battula, 17/04/2024 04:07 PM
Actions
Copy link
 #1

Updated by Deepika Valluri 12 months ago

  • Status changed from New to In Progress
  • Assignee set to Deepika Valluri
Actions
Copy link
 #2

Updated by Deepika Valluri 12 months ago

  • Assignee deleted (Deepika Valluri)
Actions
Copy link
 #3

Updated by Vasudev Mamidi 12 months ago

  • Status changed from In Progress to Resolved
Actions
Copy link
 #4

Updated by Vasudev Mamidi 12 months ago

  • Assignee set to Uday Kumar Dara
Actions
Copy link
 #5

Updated by Sivakanth Kesiraju 12 months ago

  • Target version set to Sprint 1 (29th April - 3rd May)
Actions
Copy link
 #6

Updated by Sivakanth Kesiraju 12 months ago

  • Target version changed from Sprint 1 (29th April - 3rd May) to Security Audit
Actions
Copy link
 #7

Updated by Gautam Kumar 7 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF