Security Test: Server Error via Frontend
Description
Default Severity:
A server error usually means something went wrong on the server side, such as a bug or misconfiguration, leading to unexpected crashes or error messages. If these errors aren’t managed properly, they can unintentionally reveal details about your system that attackers might use to identify weaknesses, potentially leading to service disruptions or unauthorized access to sensitive data. Developers often do not cover every possible error, or fail to log and monitor issues properly, which makes problems harder to detect and fix before they become serious risks.
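The difference between an unmanaged and a managed server error, as an added example that is not part of this test's documentation or tooling: a WSGI wrapper that echoes the stack trace to the client, beside one that logs the trace server-side under an incident ID and returns only a generic body. All names (`buggy_app`, `leaky_errors`, `safe_errors`, `call`) and the connection string are constructed for illustration.

```python
import json, logging, sys, traceback, uuid
from wsgiref.util import setup_testing_defaults

log = logging.getLogger("app.errors")

def buggy_app(environ, start_response):
    # Constructed bug: the exception message carries an internal detail.
    raise RuntimeError("connect failed: postgres://svc@db.internal:5432/orders")

def leaky_errors(app):
    """Weak handling: the full stack trace is sent to the client."""
    def wrapper(environ, start_response):
        try:
            return app(environ, start_response)
        except Exception:
            body = traceback.format_exc().encode()
            start_response("500 Internal Server Error",
                           [("Content-Type", "text/plain")], sys.exc_info())
            return [body]
    return wrapper

def safe_errors(app):
    """Hardened handling: details go to the log, the client gets an opaque ID."""
    def wrapper(environ, start_response):
        try:
            return app(environ, start_response)
        except Exception:
            incident = uuid.uuid4().hex
            # log.exception records the traceback for monitoring and triage.
            log.exception("unhandled error incident=%s path=%s",
                          incident, environ.get("PATH_INFO"))
            body = json.dumps({"error": "internal_error",
                               "incident": incident}).encode()
            start_response("500 Internal Server Error",
                           [("Content-Type", "application/json"),
                            ("Cache-Control", "no-store")], sys.exc_info())
            return [body]
    return wrapper

def call(app, path="/orders"):
    """Invoke a WSGI app in-process and return (status, body) for inspection."""
    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    seen = {}
    def start_response(status, headers, exc_info=None):
        seen["status"] = status
    body = b"".join(app(environ, start_response))
    return seen["status"], body.decode()
```

The incident ID lets support staff correlate a user report with the logged traceback without exposing the trace itself.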
Configuration
Identifier:
frontend_protocol/server_error
Examples
All configuration available:
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API5:2023 |
OWASP LLM Top 10 | LLM04:2023 |
PCI DSS | 6.5.5 |
GDPR | Article-32 |
SOC2 | CC1 |
PSD2 | Article-95 |
ISO 27001 | A.12.6 |
NIST | SP800-53 |
FedRAMP | AC-2 |
CWE | 20 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C |
CVSS Score | 8.7 |