218 – Business information leak - Network Unit

Description

Different network units are used to identify the vulnerabilities present in the organization's network.

Impact

- Leverage breaches or security bottlenecks to cause a leakage of information. - Collect security event logs from the internal network.

Recommendation

- Check the network segmentation. - Secure transport encryption is crucial to encrypt the transmission in this layer.

Threat

Anonymous attacker in local network.

Expected Remediation Time

30 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: L
• Attack Requirements: N
• Privileges required: N
• User interaction: N
• Confidentiality (VC): L
• Integrity (VI): L
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: X

Requirements

• 176 - Restrict system objects
• 177 - Avoid caching and temporary files
• 261 - Avoid exposing sensitive information
• 300 - Mask sensitive data

Fixes

• Go
• Java
• Python
• Scala

Last updated

2024/02/16