Security Test: Server Error
Description
Default Severity:
These errors happen when something goes wrong on the server side—like a misconfiguration or a bug—that wasn’t caught during development. They’re dangerous because they can reveal hints about how your system is set up or provide attackers with ways to probe for even bigger vulnerabilities. If these errors keep happening, users might lose trust in your platform and attackers could potentially exploit the underlying issues to disrupt service or get access to sensitive data. A common mistake is not handling all possible error scenarios or neglecting proper logging and monitoring, which not only lets these errors slip by unnoticed but also makes it harder to diagnose and fix the real problem.
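The handling mistake described above, shown as an added example that is not part of the original page or of the scanner's own code: a WSGI wrapper that sends the stack trace to the client, next to one that logs the detail server-side and returns only an opaque reference. The handler, the setting names and the `call` helper are hypothetical, and the sample values are constructed.

```python
import json
import logging
import traceback
import uuid
from wsgiref.util import setup_testing_defaults

log = logging.getLogger("app.errors")

def orders_app(environ, start_response):
    """Constructed handler with an uncaught bug: a config key is missing."""
    settings = {"db_dsn": "postgres://svc@db.internal/orders"}  # constructed value
    cache = settings["cache_dsn"]  # raises KeyError at request time
    start_response("200 OK", [("Content-Type", "application/json")])
    return [json.dumps({"cache": cache}).encode()]

def leaky_errors(app):
    """Anti-pattern: the traceback (file paths, key names) goes to the client."""
    def wrapper(environ, start_response):
        try:
            return app(environ, start_response)
        except Exception:
            start_response("500 Internal Server Error", [("Content-Type", "text/plain")])
            return [traceback.format_exc().encode()]
    return wrapper

def safe_errors(app):
    """Log full detail server-side; the client gets a generic body and an id."""
    def wrapper(environ, start_response):
        try:
            return app(environ, start_response)
        except Exception:
            error_id = uuid.uuid4().hex
            # log.exception records the traceback for diagnosis and alerting
            log.exception("unhandled error id=%s path=%s", error_id, environ.get("PATH_INFO"))
            body = json.dumps({"error": "internal_error", "error_id": error_id}).encode()
            start_response("500 Internal Server Error", [("Content-Type", "application/json")])
            return [body]
    return wrapper

def call(app, path="/orders"):
    """Drive a WSGI app in-process and return (status, body text)."""
    environ = {"PATH_INFO": path}
    setup_testing_defaults(environ)
    seen = {}
    def start_response(status, headers, exc_info=None):
        seen["status"] = status
    body = b"".join(app(environ, start_response))
    return seen["status"], body.decode()
```

The `error_id` in the response lets support staff find the matching log entry without exposing internals to the caller.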
Configuration
Identifier:
protocol/server_error
Examples
All configuration available:
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API5:2023 |
OWASP LLM Top 10 | LLM04:2023 |
PCI DSS | 6.5.5 |
GDPR | Article-32 |
SOC2 | CC1 |
PSD2 | Article-95 |
ISO 27001 | A.12.6 |
NIST | SP800-53 |
FedRAMP | AC-2 |
CWE | 20 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C |
CVSS Score | 8.7 |