Security Test: Frontend Software Component Leak

Description

Default Severity:

Software component leaks happen when a system accidentally reveals details about the software it uses, giving attackers clues about potential weaknesses. This typically occurs when default settings aren’t changed or when error and debug messages aren’t properly hidden, making it easier for attackers to identify outdated or vulnerable components. If these leaks go unaddressed, they can significantly increase the risk of compromise, as attackers know exactly where to look for security flaws within your system.
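
A defender-side audit of a single HTTP response for the disclosures described above, as an added example that is not the scanner's own implementation. The function names, the header list, the regular expressions, and the sample response are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

VERSION = r"\d+(?:\.\d+)+"
# Headers that often ship with a product banner in default configurations.
LEAKY_HEADERS = ("server", "x-powered-by", "x-generator")
# "name/1.2.3" or "name 1.2.3", as seen in header banners and generator tags.
BANNER_RE = re.compile(rf"([A-Za-z][\w.+-]*)[/ ]v?({VERSION})")
# Versioned asset URLs: lib-1.2.3.min.js, lib@1.2.3/..., lib.min.js?ver=1.2.3
ASSET_RES = (
    re.compile(rf"([A-Za-z][A-Za-z0-9_.]*?)[-@]v?({VERSION})"),
    re.compile(rf"([A-Za-z][\w-]*?)(?:\.min)?\.(?:js|css)\?ver=({VERSION})"),
)

class PageParser(HTMLParser):
    """Collects generator meta tags and script/stylesheet URLs."""
    def __init__(self):
        super().__init__()
        self.generators, self.urls = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generators.append(a.get("content") or "")
        elif tag in ("script", "link") and (a.get("src") or a.get("href")):
            self.urls.append(a.get("src") or a.get("href"))

def find_component_leaks(headers, body):
    """Return sorted (source, component, version) findings for one response."""
    page = PageParser()
    page.feed(body)
    banners = [(f"header:{k.lower()}", v) for k, v in headers.items()
               if k.lower() in LEAKY_HEADERS]
    banners += [("meta:generator", g) for g in page.generators]
    findings = {(src, comp, ver) for src, text in banners
                for comp, ver in BANNER_RE.findall(text)}
    for url in page.urls:
        match = next((m for rx in ASSET_RES if (m := rx.search(url))), None)
        if match:
            findings.add(("asset", match.group(1), match.group(2)))
    return sorted(findings)

# Constructed sample response, not taken from a real site.
SAMPLE_HEADERS = {"Server": "nginx/1.18.0 (Ubuntu)", "X-Powered-By": "PHP/7.4.3"}
SAMPLE_BODY = """<head><meta name="generator" content="WordPress 6.1.1">
<script src="/static/js/jquery-3.4.1.min.js"></script>
<link rel="stylesheet" href="https://cdn.example/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css">
<script src="/wp-includes/js/wp-embed.min.js?ver=6.1.1"></script></head>"""
```

Only banners that include a version number are reported, so a response that sends a bare `Server: nginx` and serves hash-named bundles returns an empty list.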

Configuration

Identifier: frontend_information_disclosure/software_component_leak

Examples

All configuration available:

checks:
  frontend_information_disclosure/software_component_leak:
    skip: false # default

Compliance and Standards

Standard            Value
OWASP API Top 10    API8:2023
OWASP LLM Top 10    LLM06:2023
PCI DSS             6.5.3
GDPR                Article-32
SOC2                CC1
PSD2                Article-95
ISO 27001           A.18.1
NIST                SP800-53
FedRAMP             AC-6
CWE                 200
CVSS Vector         AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Score          5.3