List of threat classes

WASC Threat Classification is a cooperative effort to classify the weaknesses and attacks that can lead to the compromise of a website, its data, or its users. More details about the WASC Threat Classification can be found at: http://projects.webappsec.org/w/page/13246978/Threat%20Classification

In AppScan Standard not all WASC threat classifications are used, and there are additional classifications (for example Server-Side Request Forgery) that do not have a WASC classification.
| Threat class | Description |
| --- | --- |
| catAbuseOfFunctionality | An attack technique that uses a website's own features and functionality to consume, defraud, or circumvent access control mechanisms. |
| catApplicationMisconfiguration | These attacks exploit configuration weaknesses found in web applications. |
| catPrivacy | Sensitive information stored to disk in cleartext. |
| catQuality | Misconfiguration or flaws in a security mechanism are likely to result in dire consequences. |
| catBruteForce | An automated process of trial and error used to guess a person's username, password, credit-card number or cryptographic key. |
| catBufferOverflow | Attacks that alter the flow of an application by overwriting parts of memory with data that exceeds the allocated size of the buffer. |
| catContentSpoofing | An attack technique used to trick a user into believing that certain content appearing on a website is legitimate and not from an external source. |
| catCredentialSessionPrediction | A method of hijacking or impersonating a website user by deducing or guessing the unique value that identifies a particular session or user. |
| catCrossSiteRequestForgery | An attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. |
| catCrossSiteScripting | An attack technique that forces a website to echo attacker-supplied executable code, which loads in a user's browser. |
| catDenialOfService | An attack technique with the intent of preventing a website from serving normal user activity. |
| catDirectoryIndexing | Automatic directory listing/indexing is a web server function that lists all of the files within a requested directory if the normal base file (index.html/home.html/default.htm) is not present. Unintended directory listings may be possible due to software vulnerabilities combined with a specific web request. |
| catFingerprinting | The most common methodology for attackers is to first footprint the target's web presence and enumerate as much information as possible. With this information, the attacker may develop an accurate attack scenario, which will effectively exploit a vulnerability in the software type/version being utilized by the target host. |
| catFormatStringAttack | Attacks that alter the flow of an application by using string formatting library features to access other memory space. |
| catHTTPRequestSmuggling | An attack technique that abuses the discrepancy in parsing of non-RFC-compliant HTTP requests between two HTTP devices to smuggle a request to the second device "through" the first device. |
| catHTTPRequestSplitting | HTTP Request Splitting is an attack that enables forcing the browser to send arbitrary HTTP requests, inflicting XSS and poisoning the browser's cache. |
| catHTTPResponseSmuggling | A technique to "smuggle" two HTTP responses from a server to a client, through an intermediary HTTP device that expects (or allows) a single response from the server. |
| catHTTPResponseSplitting | The essence of HTTP Response Splitting is the attacker's ability to send a single HTTP request that forces the web server to form an output stream, which is then interpreted by the target as two HTTP responses instead of one. |
| catImproperFilesystemPermissions | A threat to the confidentiality, integrity and availability of a web application. The problem arises when incorrect filesystem permissions are set on files, folders, and symbolic links. |
| catImproperInputHandling | One of the most common weaknesses identified across applications today. Poorly handled input is a leading cause behind critical vulnerabilities that exist in systems and applications. |
| catImproperOutputHandling | If an application has improper output handling, the output data may be consumed, leading to vulnerabilities and actions never intended by the application developer. |
| catInformationLeakage | An application weakness where an application reveals sensitive data, such as technical details of the web application, environment, or user-specific data. |
| catInsecureIndexing | A threat to the data confidentiality of the website. Indexing website contents via a process that has access to files which are not supposed to be publicly accessible has the potential of leaking information about the existence of such files, and about their content. In the process of indexing, such information is collected and stored by the indexing process, and can later be retrieved by a determined attacker, typically through a series of queries to the search engine. |
| catInsufficientAntiAutomation | When a website permits an attacker to automate a process that should only be performed manually. |
| catInsufficientAuthentication | When a website permits an attacker to access sensitive content or functionality without having to properly authenticate. |
| catInsufficientAuthorization | When a website permits access to sensitive content or functionality that should require increased access control restrictions. |
| catWeakPasswordRecoveryValidation | When a website permits an attacker to illegally obtain, change or recover another user's password. |
| catInsufficientProcessValidation | When a website permits an attacker to bypass or circumvent the intended flow control of an application. |
| catInsufficientSessionExpiration | When a website permits an attacker to reuse old session credentials or session IDs for authorization. |
| catInsufficientTransLayerProtection | Allows communication to be exposed to untrusted third parties. |
| catIntegerOverflow | The condition that occurs when the result of an arithmetic operation, such as multiplication or addition, exceeds the maximum size of the integer type used to store it. |
| catLDAPInjection | An attack technique used to exploit websites that construct LDAP statements from user-supplied input. |
| catMailCommandInjection | An attack technique used to exploit mail servers and webmail applications that construct IMAP/SMTP statements from user-supplied input that is not properly sanitized. |
| catMaliciousContent | Application contains code that appears to be malicious. |
| catNullByteInjection | An active exploitation technique used to bypass sanity checking filters in web infrastructure by adding URL-encoded null byte characters to the user-supplied data. |
| catOSCommanding | An attack technique used to exploit websites by executing Operating System commands through manipulation of application input. |
| catPathTraversal | This is a technique that forces access to files, directories, and commands that potentially reside outside the web document root directory. |
| catPredictableResourceLocation | An attack technique used to uncover hidden website content and functionality by making educated guesses. |
| catRemoteFileInclusion | An attack technique used to exploit "dynamic file include" mechanisms in web applications to trick the application into including remote files with malicious code. |
| catRoutingDetour | A type of "Man in the Middle" attack where intermediaries can be injected or "hijacked" to route sensitive messages to an outside location. |
| catServerMisconfiguration | Exploits configuration weaknesses found in web servers and application servers. |
| catServerSideRequestForgery | Incorrect processing, sanitation, or validation of user input that contains elements which are later joined into a URI. |
| catSessionFixation | An attack technique that forces a user's session ID to an explicit value. After a user's session ID has been fixed, the attacker will wait for them to log in. Once the user does so, the attacker uses the predefined session ID value to assume their online identity. |
| catSOAPArrayAbuse | A web service that expects an array can be the target of an XML DoS attack by forcing the SOAP server to build a huge array in the machine's memory, thus inflicting a DoS condition on the machine due to the memory pre-allocation. |
| catSQLInjection | An attack technique used to exploit websites that construct SQL statements from user-supplied input. |
| catSSIInjection | A server-side exploit technique that allows an attacker to send code into a web application, which will later be executed locally by the web server. |
| catURLRedirectoryAbuse | URL redirectors represent common functionality employed by websites to forward an incoming request to an alternate resource, and can be used in phishing attacks. |
| catUserDefined | A test created by the user. |
| catXMLAttributeBlowup | A denial of service attack against XML parsers. |
| catXMLEntityExpansion | This exploits a capability in XML DTDs that allows the creation of custom macros, called entities, that can be used throughout a document. By recursively defining a set of custom entities at the top of a document, an attacker can overwhelm parsers that attempt to completely resolve the entities by forcing them to iterate almost indefinitely on these recursive definitions. |
| catXMLExternalEntities | This technique takes advantage of a feature of XML to build documents dynamically at the time of processing. An XML message can either provide data explicitly or by pointing to a URI where the data exists. In the attack technique, external entities may replace the entity value with malicious data, alternate referrals, or may compromise the security of the data the server/XML application has access to. |
| catXMLInjection | An attack technique used to manipulate or compromise the logic of an XML application or service. The injection of unintended XML content and/or structures into an XML message can alter the intended logic of the application. Further, XML injection can cause the insertion of malicious content into the resulting message/document. |
| catXPathInjection | An attack technique used to exploit websites that construct XPath queries from user-supplied input. |
| catXQueryInjection | XQuery Injection is a variant of the classic SQL injection attack against the XML XQuery Language. XQuery Injection uses improperly validated data that is passed to XQuery commands. |