Technical severity | VRT category | Specific vulnerability name | Variant / Affected function |
---|---|---|---|
P1 | Server Security Misconfiguration | Using Default Credentials | |
P1 | Server-Side Injection | File Inclusion | Local |
P1 | Server-Side Injection | Remote Code Execution (RCE) | |
P1 | Server-Side Injection | SQL Injection | |
P1 | Server-Side Injection | XML External Entity Injection (XXE) | |
P1 | Broken Authentication and Session Management | Authentication Bypass | |
P1 | Sensitive Data Exposure | Disclosure of Secrets | For Publicly Accessible Asset |
P1 | Insecure OS/Firmware | Command Injection | |
P1 | Insecure OS/Firmware | Hardcoded Password | Privileged User |
P1 | Broken Cryptography | Cryptographic Flaw | Incorrect Usage |
P1 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | PII Leakage |
P1 | Automotive Security Misconfiguration | RF Hub | Key Fob Cloning |
P2 | Server Security Misconfiguration | Misconfigured DNS | High Impact Subdomain Takeover |
P2 | Server Security Misconfiguration | OAuth Misconfiguration | Account Takeover |
P2 | Sensitive Data Exposure | Weak Password Reset Implementation | Token Leakage via Host Header Poisoning |
P2 | Cross-Site Scripting (XSS) | Stored | Non-Privileged User to Anyone |
P2 | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) | Internal High Impact |
P2 | Cross-Site Request Forgery (CSRF) | Application-Wide | |
P2 | Application-Level Denial-of-Service (DoS) | Critical Impact and/or Easy Difficulty | |
P2 | Insecure OS/Firmware | Hardcoded Password | Non-Privileged User |
P2 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | OTA Firmware Manipulation |
P2 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Code Execution (CAN Bus Pivot) |
P2 | Automotive Security Misconfiguration | RF Hub | CAN Injection / Interaction |
P3 | Server Security Misconfiguration | Misconfigured DNS | Basic Subdomain Takeover |
P3 | Server Security Misconfiguration | Mail Server Misconfiguration | No Spoofing Protection on Email Domain |
P3 | Server-Side Injection | HTTP Response Manipulation | Response Splitting (CRLF) |
P3 | Server-Side Injection | Content Spoofing | iframe Injection |
P3 | Broken Authentication and Session Management | Second Factor Authentication (2FA) Bypass | |
P3 | Broken Authentication and Session Management | Session Fixation | Remote Attack Vector |
P3 | Sensitive Data Exposure | Disclosure of Secrets | For Internal Asset |
P3 | Sensitive Data Exposure | EXIF Geolocation Data Not Stripped From Uploaded Images | Automatic User Enumeration |
P3 | Cross-Site Scripting (XSS) | Stored | Privileged User to Privilege Elevation |
P3 | Cross-Site Scripting (XSS) | Stored | CSRF/URL-Based |
P3 | Cross-Site Scripting (XSS) | Reflected | Non-Self |
P3 | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) | Internal Scan and/or Medium Impact |
P3 | Application-Level Denial-of-Service (DoS) | High Impact and/or Medium Difficulty | |
P3 | Client-Side Injection | Binary Planting | Default Folder Privilege Escalation |
P3 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Code Execution (No CAN Bus Pivot) |
P3 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Unauthorized Access to Services (API / Endpoints) |
P3 | Automotive Security Misconfiguration | RF Hub | Data Leakage / Pull Encryption Mechanism |
P3 | Automotive Security Misconfiguration | CAN | Injection (Battery Management System) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Steering Control) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Pyrotechnical Device Deployment Tool) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Headlights) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Sensors) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Vehicle Anti-theft Systems) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Powertrain) |
P3 | Automotive Security Misconfiguration | CAN | Injection (Basic Safety Message) |
P3 | Automotive Security Misconfiguration | Battery Management System | Firmware Dump |
P3 | Automotive Security Misconfiguration | Immobilizer | Engine Start |
P3 | Automotive Security Misconfiguration | Automatic Braking System (ABS) | Unintended Acceleration / Brake |
P4 | Server Security Misconfiguration | Misconfigured DNS | Zone Transfer |
P4 | Server Security Misconfiguration | Mail Server Misconfiguration | Email Spoofing to Inbox due to Missing or Misconfigured DMARC on Email Domain |
P4 | Server Security Misconfiguration | Database Management System (DBMS) Misconfiguration | Excessively Privileged User / DBA |
P4 | Server Security Misconfiguration | Lack of Password Confirmation | Delete Account |
P4 | Server Security Misconfiguration | No Rate Limiting on Form | Registration |
P4 | Server Security Misconfiguration | No Rate Limiting on Form | Login |
P4 | Server Security Misconfiguration | No Rate Limiting on Form | Email-Triggering |
P4 | Server Security Misconfiguration | No Rate Limiting on Form | SMS-Triggering |
P4 | Server Security Misconfiguration | Missing Secure or HTTPOnly Cookie Flag | Session Token |
P4 | Server Security Misconfiguration | Clickjacking | Sensitive Click-Based Action |
P4 | Server Security Misconfiguration | OAuth Misconfiguration | Account Squatting |
P4 | Server Security Misconfiguration | CAPTCHA | Implementation Vulnerability |
P4 | Server Security Misconfiguration | Lack of Security Headers | Cache-Control for a Sensitive Page |
P4 | Server Security Misconfiguration | Web Application Firewall (WAF) Bypass | Direct Server Access |
P4 | Server-Side Injection | Content Spoofing | Impersonation via Broken Link Hijacking |
P4 | Server-Side Injection | Content Spoofing | External Authentication Injection |
P4 | Server-Side Injection | Content Spoofing | Email HTML Injection |
P4 | Server-Side Injection | Server-Side Template Injection (SSTI) | Basic |
P4 | Broken Authentication and Session Management | Cleartext Transmission of Session Token | |
P4 | Broken Authentication and Session Management | Weak Login Function | Other Plaintext Protocol with no Secure Alternative |
P4 | Broken Authentication and Session Management | Weak Login Function | Over HTTP |
P4 | Broken Authentication and Session Management | Failure to Invalidate Session | On Logout (Client and Server-Side) |
P4 | Broken Authentication and Session Management | Failure to Invalidate Session | On Password Reset and/or Change |
P4 | Broken Authentication and Session Management | Weak Registration Implementation | Over HTTP |
P4 | Sensitive Data Exposure | Disclosure of Secrets | Pay-Per-Use Abuse |
P4 | Sensitive Data Exposure | EXIF Geolocation Data Not Stripped From Uploaded Images | Manual User Enumeration |
P4 | Sensitive Data Exposure | Visible Detailed Error/Debug Page | Detailed Server Configuration |
P4 | Sensitive Data Exposure | Token Leakage via Referer | Untrusted 3rd Party |
P4 | Sensitive Data Exposure | Token Leakage via Referer | Over HTTP |
P4 | Sensitive Data Exposure | Sensitive Token in URL | User Facing |
P4 | Sensitive Data Exposure | Weak Password Reset Implementation | Password Reset Token Sent Over HTTP |
P4 | Sensitive Data Exposure | Via localStorage/sessionStorage | Sensitive Token |
P4 | Cross-Site Scripting (XSS) | Stored | Privileged User to No Privilege Elevation |
P4 | Cross-Site Scripting (XSS) | IE-Only | IE11 |
P4 | Cross-Site Scripting (XSS) | Referer | |
P4 | Cross-Site Scripting (XSS) | Universal (UXSS) | |
P4 | Cross-Site Scripting (XSS) | Off-Domain | Data URI |
P4 | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) | External |
P4 | Broken Access Control (BAC) | Username/Email Enumeration | Non-Brute Force |
P4 | Unvalidated Redirects and Forwards | Open Redirect | GET-Based |
P4 | Insufficient Security Configurability | No Password Policy | |
P4 | Insufficient Security Configurability | Weak Password Reset Implementation | Token is Not Invalidated After Use |
P4 | Insufficient Security Configurability | Weak 2FA Implementation | 2FA Secret Cannot be Rotated |
P4 | Insufficient Security Configurability | Weak 2FA Implementation | 2FA Secret Remains Obtainable After 2FA is Enabled |
P4 | Insecure Data Storage | Sensitive Application Data Stored Unencrypted | On External Storage |
P4 | Insecure Data Storage | Server-Side Credentials Storage | Plaintext |
P4 | Insecure Data Transport | Executable Download | No Secure Integrity Check |
P4 | Privacy Concerns | Unnecessary Data Collection | WiFi SSID+Password |
P4 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Source Code Dump |
P4 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Denial of Service (DoS / Brick) |
P4 | Automotive Security Misconfiguration | Infotainment, Radio Head Unit | Default Credentials |
P4 | Automotive Security Misconfiguration | RF Hub | Unauthorized Access / Turn On |
P4 | Automotive Security Misconfiguration | CAN | Injection (Disallowed Messages) |
P4 | Automotive Security Misconfiguration | CAN | Injection (DoS) |
P4 | Automotive Security Misconfiguration | Battery Management System | Fraudulent Interface |
P4 | Automotive Security Misconfiguration | GNSS / GPS | Spoofing |
P4 | Automotive Security Misconfiguration | Roadside Unit (RSU) | Sybil Attack |
P5 | Server Security Misconfiguration | Directory Listing Enabled | Non-Sensitive Data Exposure |
P5 | Server Security Misconfiguration | Same-Site Scripting | |
P5 | Server Security Misconfiguration | Misconfigured DNS | Missing Certification Authority Authorization (CAA) Record |
P5 | Server Security Misconfiguration | Mail Server Misconfiguration | Email Spoofing to Spam Folder |
P5 | Server Security Misconfiguration | Mail Server Misconfiguration | Missing or Misconfigured SPF and/or DKIM |
P5 | Server Security Misconfiguration | Mail Server Misconfiguration | Email Spoofing on Non-Email Domain |
P5 | Server Security Misconfiguration | Lack of Password Confirmation | Change Email Address |
P5 | Server Security Misconfiguration | Lack of Password Confirmation | Change Password |
P5 | Server Security Misconfiguration | Lack of Password Confirmation | Manage 2FA |
P5 | Server Security Misconfiguration | No Rate Limiting on Form | Change Password |
P5 | Server Security Misconfiguration | Unsafe File Upload | No Antivirus |
P5 | Server Security Misconfiguration | Unsafe File Upload | No Size Limit |
P5 | Server Security Misconfiguration | Unsafe File Upload | File Extension Filter Bypass |
P5 | Server Security Misconfiguration | Cookie Scoped to Parent Domain | |
P5 | Server Security Misconfiguration | Missing Secure or HTTPOnly Cookie Flag | Non-Session Cookie |
P5 | Server Security Misconfiguration | Clickjacking | Form Input |
P5 | Server Security Misconfiguration | Clickjacking | Non-Sensitive Action |
P5 | Server Security Misconfiguration | CAPTCHA | Brute Force |
P5 | Server Security Misconfiguration | CAPTCHA | Missing |
P5 | Server Security Misconfiguration | Exposed Admin Portal | To Internet |
P5 | Server Security Misconfiguration | Missing DNSSEC | |
P5 | Server Security Misconfiguration | Fingerprinting/Banner Disclosure | |
P5 | Server Security Misconfiguration | Username/Email Enumeration | Brute Force |
P5 | Server Security Misconfiguration | Potentially Unsafe HTTP Method Enabled | OPTIONS |
P5 | Server Security Misconfiguration | Potentially Unsafe HTTP Method Enabled | TRACE |
P5 | Server Security Misconfiguration | Insecure SSL | Lack of Forward Secrecy |
P5 | Server Security Misconfiguration | Insecure SSL | Insecure Cipher Suite |
P5 | Server Security Misconfiguration | Insecure SSL | Certificate Error |
P5 | Server Security Misconfiguration | Reflected File Download (RFD) | |
P5 | Server Security Misconfiguration | Lack of Security Headers | X-Frame-Options |
P5 | Server Security Misconfiguration | Lack of Security Headers | Cache-Control for a Non-Sensitive Page |
P5 | Server Security Misconfiguration | Lack of Security Headers | X-XSS-Protection |
P5 | Server Security Misconfiguration | Lack of Security Headers | Strict-Transport-Security |
P5 | Server Security Misconfiguration | Lack of Security Headers | X-Content-Type-Options |
P5 | Server Security Misconfiguration | Lack of Security Headers | Content-Security-Policy |
P5 | Server Security Misconfiguration | Lack of Security Headers | Public-Key-Pins |
P5 | Server Security Misconfiguration | Lack of Security Headers | X-Content-Security-Policy |
P5 | Server Security Misconfiguration | Lack of Security Headers | X-Webkit-CSP |
P5 | Server Security Misconfiguration | Lack of Security Headers | Content-Security-Policy-Report-Only |
P5 | Server Security Misconfiguration | Bitsquatting | |
P5 | Server-Side Injection | Parameter Pollution | Social Media Sharing Buttons |
P5 | Server-Side Injection | Content Spoofing | Flash Based External Authentication Injection |
P5 | Server-Side Injection | Content Spoofing | Email Hyperlink Injection Based on Email Provider |
P5 | Server-Side Injection | Content Spoofing | Text Injection |
P5 | Server-Side Injection | Content Spoofing | Homograph/IDN-Based |
P5 | Server-Side Injection | Content Spoofing | Right-to-Left Override (RTLO) |
P5 | Broken Authentication and Session Management | Weak Login Function | Not Operational or Intended Public Access |
P5 | Broken Authentication and Session Management | Session Fixation | Local Attack Vector |
P5 | Broken Authentication and Session Management | Failure to Invalidate Session | On Logout (Server-Side Only) |
P5 | Broken Authentication and Session Management | Failure to Invalidate Session | Concurrent Sessions On Logout |
P5 | Broken Authentication and Session Management | Failure to Invalidate Session | On Email Change |
P5 | Broken Authentication and Session Management | Failure to Invalidate Session | On 2FA Activation/Change |
P5 | Broken Authentication and Session Management | Failure to Invalidate Session | Long Timeout |
P5 | Broken Authentication and Session Management | Concurrent Logins | |
P5 | Sensitive Data Exposure | Disclosure of Secrets | Intentionally Public, Sample or Invalid |
P5 | Sensitive Data Exposure | Disclosure of Secrets | Data/Traffic Spam |
P5 | Sensitive Data Exposure | Disclosure of Secrets | Non-Corporate User |
P5 | Sensitive Data Exposure | Visible Detailed Error/Debug Page | Full Path Disclosure |
P5 | Sensitive Data Exposure | Visible Detailed Error/Debug Page | Descriptive Stack Trace |
P5 | Sensitive Data Exposure | Disclosure of Known Public Information | |
P5 | Sensitive Data Exposure | Token Leakage via Referer | Trusted 3rd Party |
P5 | Sensitive Data Exposure | Sensitive Token in URL | In the Background |
P5 | Sensitive Data Exposure | Sensitive Token in URL | On Password Reset |
P5 | Sensitive Data Exposure | Non-Sensitive Token in URL | |
P5 | Sensitive Data Exposure | Mixed Content (HTTPS Sourcing HTTP) | |
P5 | Sensitive Data Exposure | Sensitive Data Hardcoded | OAuth Secret |
P5 | Sensitive Data Exposure | Sensitive Data Hardcoded | File Paths |
P5 | Sensitive Data Exposure | Internal IP Disclosure | |
P5 | Sensitive Data Exposure | JSON Hijacking | |
P5 | Sensitive Data Exposure | Via localStorage/sessionStorage | Non-Sensitive Token |
P5 | Cross-Site Scripting (XSS) | Stored | Self |
P5 | Cross-Site Scripting (XSS) | Reflected | Self |
P5 | Cross-Site Scripting (XSS) | Flash-Based | |
P5 | Cross-Site Scripting (XSS) | Cookie-Based | |
P5 | Cross-Site Scripting (XSS) | IE-Only | XSS Filter Disabled |
P5 | Cross-Site Scripting (XSS) | IE-Only | Older Version (< IE11) |
P5 | Cross-Site Scripting (XSS) | TRACE Method | |
P5 | Broken Access Control (BAC) | Server-Side Request Forgery (SSRF) | DNS Query Only |
P5 | Cross-Site Request Forgery (CSRF) | Action-Specific | Logout |
P5 | Cross-Site Request Forgery (CSRF) | CSRF Token Not Unique Per Request | |
P5 | Cross-Site Request Forgery (CSRF) | Flash-Based | |
P5 | Application-Level Denial-of-Service (DoS) | App Crash | Malformed Android Intents |
P5 | Application-Level Denial-of-Service (DoS) | App Crash | Malformed iOS URL Schemes |
P5 | Unvalidated Redirects and Forwards | Open Redirect | POST-Based |
P5 | Unvalidated Redirects and Forwards | Open Redirect | Header-Based |
P5 | Unvalidated Redirects and Forwards | Open Redirect | Flash-Based |
P5 | Unvalidated Redirects and Forwards | Tabnabbing | |
P5 | Unvalidated Redirects and Forwards | Lack of Security Speed Bump Page | |
P5 | External Behavior | Browser Feature | Plaintext Password Field |
P5 | External Behavior | Browser Feature | Save Password |
P5 | External Behavior | Browser Feature | Autocomplete Enabled |
P5 | External Behavior | Browser Feature | Autocorrect Enabled |
P5 | External Behavior | Browser Feature | Aggressive Offline Caching |
P5 | External Behavior | CSV Injection | |
P5 | External Behavior | Captcha Bypass | Crowdsourcing |
P5 | External Behavior | System Clipboard Leak | Shared Links |
P5 | External Behavior | User Password Persisted in Memory | |
P5 | Insufficient Security Configurability | Weak Password Policy | |
P5 | Insufficient Security Configurability | Password Policy Bypass | |
P5 | Insufficient Security Configurability | Weak Password Reset Implementation | Token is Not Invalidated After Email Change |
P5 | Insufficient Security Configurability | Weak Password Reset Implementation | Token is Not Invalidated After Password Change |
P5 | Insufficient Security Configurability | Weak Password Reset Implementation | Token Has Long Timed Expiry |
P5 | Insufficient Security Configurability | Weak Password Reset Implementation | Token is Not Invalidated After New Token is Requested |
P5 | Insufficient Security Configurability | Weak Password Reset Implementation | Token is Not Invalidated After Login |
P5 | Insufficient Security Configurability | Verification of Contact Method not Required | |
P5 | Insufficient Security Configurability | Lack of Notification Email | |
P5 | Insufficient Security Configurability | Weak Registration Implementation | Allows Disposable Email Addresses |
P5 | Insufficient Security Configurability | Weak 2FA Implementation | Missing Failsafe |
P5 | Insufficient Security Configurability | Weak 2FA Implementation | 2FA Code is Not Updated After New Code is Requested |
P5 | Insufficient Security Configurability | Weak 2FA Implementation | Old 2FA Code is Not Invalidated After New Code is Generated |
P5 | Using Components with Known Vulnerabilities | Rosetta Flash | |
P5 | Using Components with Known Vulnerabilities | Outdated Software Version | |
P5 | Using Components with Known Vulnerabilities | Captcha Bypass | OCR (Optical Character Recognition) |
P5 | Insecure Data Storage | Sensitive Application Data Stored Unencrypted | On Internal Storage |
P5 | Insecure Data Storage | Non-Sensitive Application Data Stored Unencrypted | |
P5 | Insecure Data Storage | Screen Caching Enabled | |
P5 | Lack of Binary Hardening | Lack of Exploit Mitigations | |
P5 | Lack of Binary Hardening | Lack of Jailbreak Detection | |
P5 | Lack of Binary Hardening | Lack of Obfuscation | |
P5 | Lack of Binary Hardening | Runtime Instrumentation-Based | |
P5 | Insecure Data Transport | Executable Download | Secure Integrity Check |
P5 | Network Security Misconfiguration | Telnet Enabled | |
P5 | Mobile Security Misconfiguration | SSL Certificate Pinning | Absent |
P5 | Mobile Security Misconfiguration | SSL Certificate Pinning | Defeatable |
P5 | Mobile Security Misconfiguration | Tapjacking | |
P5 | Mobile Security Misconfiguration | Clipboard Enabled | |
P5 | Mobile Security Misconfiguration | Auto Backup Allowed by Default | |
P5 | Client-Side Injection | Binary Planting | Non-Default Folder Privilege Escalation |
P5 | Client-Side Injection | Binary Planting | No Privilege Escalation |
P5 | Automotive Security Misconfiguration | RF Hub | Roll Jam |
P5 | Automotive Security Misconfiguration | RF Hub | Replay |
P5 | Automotive Security Misconfiguration | RF Hub | Relay |
Varies | Server Security Misconfiguration | Unsafe Cross-Origin Resource Sharing | |
Varies | Server Security Misconfiguration | Path Traversal | |
Varies | Server Security Misconfiguration | Directory Listing Enabled | Sensitive Data Exposure |
Varies | Server Security Misconfiguration | SSL Attack (BREACH, POODLE etc.) | |
Varies | Server Security Misconfiguration | OAuth Misconfiguration | Missing/Broken State Parameter |
Varies | Server Security Misconfiguration | OAuth Misconfiguration | Insecure Redirect URI |
Varies | Server Security Misconfiguration | Race Condition | |
Varies | Server Security Misconfiguration | Cache Poisoning | |
Varies | Server-Side Injection | Server-Side Template Injection (SSTI) | Custom |
Varies | Broken Authentication and Session Management | Privilege Escalation | |
Varies | Sensitive Data Exposure | Cross Site Script Inclusion (XSSI) | |
Varies | Broken Access Control (BAC) | Insecure Direct Object References (IDOR) | |
Varies | Broken Access Control (BAC) | Exposed Sensitive Android Intent | |
Varies | Broken Access Control (BAC) | Exposed Sensitive iOS URL Scheme | |
Varies | Cross-Site Request Forgery (CSRF) | Action-Specific | Authenticated Action |
Varies | Cross-Site Request Forgery (CSRF) | Action-Specific | Unauthenticated Action |
Varies | Insecure Data Transport | Cleartext Transmission of Sensitive Data | |
Varies | Indicators of Compromise |