An Improper Assets Management vulnerability occurs when outdated or vulnerable versions of software, libraries, or API versions remain exposed through endpoints, often because nobody tracks what is actually deployed. Attackers can exploit known vulnerabilities in these outdated versions to compromise systems. To mitigate, regularly update and patch software, monitor dependencies for published vulnerabilities, and use tools that scan endpoints for outdated components.
Maintain an up-to-date inventory of software, frameworks, and libraries used by your application. Regularly apply patches, security updates, and version upgrades to address known issues in dependencies. Employ automated scanning tools that monitor for vulnerabilities in third-party components exposed through your API endpoints. If older versions are necessary for legacy support, isolate them in segmented environments and enforce strict access controls. Conduct periodic reviews to confirm that all listed endpoints accurately reflect currently supported versions and do not expose outdated code paths to end users or automated scanning attacks.
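The periodic inventory review described above can be automated. The following is an added example, not code from the original page: it audits a constructed endpoint inventory (hypothetical paths, component names, and version floors) against the set of supported API versions and a minimum-safe-version list, reporting every endpoint that still exposes an unsupported version or an outdated component.

```python
"""Audit an API endpoint inventory for unsupported versions and outdated components.

Added example for this page. The inventory, supported API versions and
minimum safe component versions below are constructed placeholders.
"""
from typing import Dict, List, Set, Tuple


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn a dotted numeric version such as '2.4.1' into (2, 4, 1).

    Assumes purely numeric components so that tuple comparison orders versions.
    """
    return tuple(int(part) for part in v.split("."))


def audit_inventory(inventory: List[dict],
                    supported_api_versions: Set[str],
                    min_safe_versions: Dict[str, str]) -> List[str]:
    """Return one finding per problem: an endpoint served under an API version
    that is no longer supported, or built on a component below its safe floor."""
    findings = []
    for entry in inventory:
        if entry["api_version"] not in supported_api_versions:
            findings.append(f"{entry['path']}: API {entry['api_version']} is no longer supported")
        for name, version in entry["components"].items():
            floor = min_safe_versions.get(name)
            if floor and parse_version(version) < parse_version(floor):
                findings.append(f"{entry['path']}: {name} {version} is below minimum safe {floor}")
    return findings


# Constructed sample inventory: hypothetical paths, components and versions.
INVENTORY = [
    {"path": "/api/v2/users", "api_version": "v2",
     "components": {"webfw": "4.2.0", "jsonlib": "2.5.1"}},
    {"path": "/api/v1/users", "api_version": "v1",
     "components": {"webfw": "3.1.7", "jsonlib": "2.5.1"}},
    {"path": "/api/v2/reports", "api_version": "v2",
     "components": {"webfw": "4.2.0", "jsonlib": "2.3.9"}},
]
SUPPORTED_API_VERSIONS = {"v2"}           # v1 has been retired
MIN_SAFE_VERSIONS = {"webfw": "4.0.0", "jsonlib": "2.4.0"}  # placeholder floors

if __name__ == "__main__":
    for finding in audit_inventory(INVENTORY, SUPPORTED_API_VERSIONS, MIN_SAFE_VERSIONS):
        print(finding)
```

In practice the inventory would be generated from deployment manifests or an API gateway export and the version floors from your dependency scanner, so the review runs on every release rather than by hand.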
Code: A06:2021
Category: Vulnerable and Outdated Components