A05:2021 – Security Misconfiguration

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf OWASP Top 10 category
gptkbp:describes Security misconfiguration vulnerabilities
gptkbp:focusesOn Default configurations
Improperly configured security controls
Misconfigured HTTP headers
Open cloud storage
Unnecessary features enabled
Unnecessary services
Unpatched flaws
Verbose error messages
https://www.w3.org/2000/01/rdf-schema#label A05:2021 – Security Misconfiguration
gptkbp:partOf OWASP Top 10:2021
gptkbp:prevention Apply least privilege
Automated configuration management
Keep software up to date
Regular security reviews
Remove unused features
gptkbp:publishedBy gptkb:OWASP
gptkbp:rank 5
gptkbp:replacedBy A06:2017 – Security Misconfiguration
gptkbp:year 2021
gptkbp:bfsParent gptkb:OWASP_Top_10
gptkbp:bfsLayer 6