314 – Insecure service configuration - DB
Description
The database server has insecure configurations.
Impact
Access the database and exploit vulnerabilities in the system configuration to affect the service.
Recommendation
Correctly configure the MySQL server.
Threat
Internet user with credentials.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: L
- Attack Requirements: N
- Privileges required: L
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): L
- Availability (VA): N
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: P