canmove, Confirmed users
638
edits
Security Severity Ratings: Difference between revisions
Jump to navigation
Jump to search
→Severity Ratings
No edit summary |
|||
| Line 8: | Line 8: | ||
The following items are keywords for the severity of an issue. | The following items are keywords for the severity of an issue. | ||
;'''sec-critical''': Exploitable vulnerabilities which can lead to the widespread compromise of many users. | ;'''sec-critical''': Exploitable vulnerabilities which can lead to the widespread compromise of many users requiring no more than normal browsing actions.. | ||
{| class="wikitable collapsible " style="width: 100%" | {| class="wikitable collapsible " style="width: 100%" | ||
! ''sec-critical Examples:'' | ! ''sec-critical Examples:'' | ||
|- | |- | ||
| | | | ||
* Overflows resulting in native code execution | * Overflows resulting in native code execution | ||
* JavaScript injection into browser chrome | * JavaScript injection into browser chrome | ||
* Launching of arbitrary local application with provided arguments | * Launching of arbitrary local application with provided arguments | ||
* Filetype spoofing where executables can masquerade as benign content types | * Filetype spoofing where executables can masquerade as benign content types | ||
* Installation & execution of plugins/modules with chrome/native privileges, without user consent or via user dialog fatigue | * Installation & execution of plugins/modules with chrome/native privileges, without user consent or via user dialog fatigue | ||
* | * The severity of web application bugs can depend on the value of the data that could be compromised. Flaws that could be considered critical include | ||
** XSS (Stored) | ** XSS (Stored) | ||
** CSRF | ** CSRF | ||
| Line 42: | Line 39: | ||
|} | |} | ||
;'''sec-moderate''': Vulnerabilities which can provide an attacker additional information or positioning that could be used in combination with other vulnerabilities. Disclosure of sensitive information that represents a violation of privacy but by itself does not expose the user or organization to immediate risk. The vulnerability combined with another moderate vulnerability could result in an attack of high or critical severity (aka stepping stone). Indefinite application Denial of Service (DoS) via corruption of state, requiring application re-installation or temporary DoS of the user's system, requiring reboot. The lack of standard defense in depth techniques and security controls. | ;'''sec-moderate''': Vulnerabilities which can provide an attacker additional information or positioning that could be used in combination with other vulnerabilities. Disclosure of sensitive information that represents a violation of privacy but by itself does not expose the user or organization to immediate risk. The vulnerability combined with another moderate vulnerability could result in an attack of high or critical severity (aka stepping stone). Indefinite application Denial of Service (DoS) via corruption of state, requiring application re-installation or temporary DoS of the user's system, requiring reboot. The lack of standard defense in depth techniques and security controls. Client bugs that might have high or critical results but require the user perform unusual or complex actions to trigger. | ||
{| class="wikitable collapsible " style="width: 100%" | {| class="wikitable collapsible " style="width: 100%" | ||
! ''sec-moderate Examples:'' | ! ''sec-moderate Examples:'' | ||