Bug #89

closed

Feature #65: Security Audit

[Security Audit] 24 - Improper Error Handling

Added by Kalyan Battula about 1 year ago. Updated 7 months ago.

Status: Closed
Priority: Low
Assignee: Uday Kumar Dara
Category: -
Target version:
Start date: 17/04/2024
Due date:
% Done: 0%
Estimated time:
Deployed In:
Category:

Description

24 - Improper Error Handling
CWE: CWE-388
Description:
The application discloses various error messages, including stack traces, exceptions, server versions etc., in error messages.
Affected Path(s):
/(Webserver)
Impact:
An adversary can use this information to construct further attacks.
Recommendation:
It is recommended to implement custom error pages and apply them throughout the application.
Evidence/Proof Of Concept:
Step 1: Improper Error Handling, as shown in the screenshot below.


Files

clipboard-202404171607-nnrr9.png (31.8 KB), Kalyan Battula, 17/04/2024 04:07 PM
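
A regression check for the recommendation above, as an added example that is not part of the original ticket or the audited application: it scans an HTTP response for the kinds of disclosure the finding names (stack traces, exception names, server versions). The signature list, the header list and both sample responses are constructed for illustration and are not taken from the affected server.

```python
import re

# Illustrative signatures (assumptions for this example, not an exhaustive list).
BODY_SIGNATURES = {
    "java_stack_trace": re.compile(r"^\s+at [\w.$]+\([\w$]+\.java:\d+\)", re.M),
    "python_traceback": re.compile(r"Traceback \(most recent call last\):"),
    "exception_class": re.compile(r"\b[\w.]+(?:Exception|Error):\s"),
    "server_banner_in_body": re.compile(
        r"\b(?:Apache Tomcat|Apache|nginx|Microsoft-IIS|Jetty)/\d+(?:\.\d+)+"),
}
# Response headers that commonly carry product versions.
VERSION_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
VERSION_RE = re.compile(r"\d+\.\d+")


def find_error_disclosure(headers, body):
    """Return a sorted list of disclosure findings for one HTTP response."""
    findings = {name for name, rx in BODY_SIGNATURES.items() if rx.search(body)}
    lowered = {k.lower(): v for k, v in headers.items()}
    for name in VERSION_HEADERS:
        if VERSION_RE.search(lowered.get(name, "")):
            findings.add("version_header:" + name)
    return sorted(findings)


# Constructed sample: a default container error page leaking internals.
LEAKY_HEADERS = {"Server": "Apache-Coyote/1.1", "Content-Type": "text/html"}
LEAKY_BODY = (
    "<h1>HTTP Status 500</h1><pre>java.lang.NullPointerException: null\n"
    "\tat com.example.app.OrderController.view(OrderController.java:42)\n"
    "</pre><hr><h3>Apache Tomcat/9.0.0</h3>"
)
# Constructed sample: a custom error page with only an opaque reference ID.
CUSTOM_HEADERS = {"Content-Type": "text/html"}
CUSTOM_BODY = "<h1>Something went wrong</h1><p>Reference ID: 7f3a91c2</p>"

if __name__ == "__main__":
    for label, h, b in (("default page", LEAKY_HEADERS, LEAKY_BODY),
                        ("custom page", CUSTOM_HEADERS, CUSTOM_BODY)):
        print(label, "->", find_error_disclosure(h, b) or "no disclosure found")
```

Running the same check against every error status the application can return (400, 404, 405, 500 and so on) confirms that the custom pages are applied throughout and not only on one route.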