Fixing-errors

CHANGELOG.md

@@ -13,10 +13,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p
 ## [v1.11](https://github.com/bugcrowd/vulnerability-rating-taxonomy/compare/v1.10...v1.11) - 2023-11-20
 ### Added
 - Sensitive Data Exposure - Disclosure of Secrets - PII Leakage/Exposure: VARIES
-- Sensitive Data Exposure - Disclosure of Secrets - Sensitive data Leakage/Exposure: P1
 - Server-Side Injection - Content Spoofing - HTML Content Injection: P5
 - Broken Authentication and Session Management - Failure to invalidate session - Permission change: VARIES
 - Server Security Misconfiguration - Request Smuggling: VARIES
+- Server-Side Injection - LDAP Injection: VARIES
 - Cryptographic Weakness - Insufficient Entropy - Limited Random Number Generator (RNG) Entropy Source: P4
 - Cryptographic Weakness - Insufficient_Entropy - Use of True Random Number Generator (TRNG) for Non-Security Purpose: P5
 - Cryptographic Weakness - Insufficient_Entropy - Pseudo-Random Number Generator (PRNG) Seed Reuse: P5
@@ -48,33 +48,40 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this p
 - Cryptographic Weakness - Incomplete Cleanup of Keying Material: P5
 - Cryptographic Weakness - Broken Cryptography - Use of Broken Cryptographic Primitive: P3
 - Cryptographic Weakness - Broken Cryptography - Use of Vulnerable Cryptographic Library: P4
-- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Manipulate Non-Sensitive Information: P5
-- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Manipulate Sensitive Information | GUID/Complex Object Identifiers: P4
-- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read Sensitive Information | Iteratable Object Identifiers: P3
-- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Alter Sensitive Information | Iteratable Object Identifiers: P2
-- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read Sensitive Information (PII) | Iteratable Object Identifiers: P1
+- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read/Edit/Delete Non-Sensitive Information: P5
+- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read/Edit/Delete Sensitive Information/GUID/Complex Object Identifiers: P4
+- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read Sensitive Information/Iterable Object Identifiers: P3
+- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Edit/Delete Sensitive Information/Iterable Object Identifiers: P2
+- Broken Access Control (BAC) - Insecure Direct Object References (IDOR) - Read/Edit/Delete Sensitive Information (PII)/Iterable Object Identifier: P1
 
 ### Changed
 FROM: 
 - Cross-Site Scripting (XSS) - IE-Only - Older Version (< IE11): P5
+
 TO: 
 - Cross-Site Scripting (XSS) - IE-Only: P5
 
-- FROM:
+FROM:
 - Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) - Internal High Impact: P2
 - Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) - Internal Scan and/or Medium Impact: P3
 - Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) - External: P4
 - Broken Access Control (BAC) - Server-Side Request Forgery (SSRF) - DNS Query Only : P5
+
 TO:
 - Server Security Misconfiguration - Server-Side Request Forgery (SSRF) - Internal High Impact: P2
 - Server Security Misconfiguration - Server-Side Request Forgery (SSRF) - Internal Scan and/or Medium Impact: P3
 - Server Security Misconfiguration - Server-Side Request Forgery (SSRF) - External - Low impact: P5
 - Server Security Misconfiguration - Server-Side Request Forgery (SSRF) - External - DNS Query Only: P5
 
+FROM:
+- Automotive Security Misconfiguration - Infotainment, Radio Head Unit - PII Leakage: P1
+
+TO:
+- Automotive Security Misconfiguration - Infotainment, Radio Head Unit - Sensitive data Leakage/Exposure: P1
 ### Removed
 - Cross-Site Scripting (XSS) - IE-Only - IE11: P4
+- Cross-Site Scripting (XSS) - XSS Filter Disabled: P5
 - Broken Cryptography - Cryptographic Flaw - Incorrect Usage: P1
-- Automotive Security Misconfiguration - Infotainment, Radio Head Unit - PII Leakage: P1
 
 ## [v1.10.1](https://github.com/bugcrowd/vulnerability-rating-taxonomy/compare/v1.10...v1.10.1) - 2021-03-29
 ### Changed

deprecated-node-mapping.json

@@ -196,5 +196,41 @@
   },
   "automotive_security_misconfiguration.infotainment.default_credentials": {
     "1.10": "automotive_security_misconfiguration.infotainment_radio_head_unit.default_credentials"
+  },
+  "broken_cryptography": {
+    "1.11": "other"
+  },
+  "broken_cryptography.cryptographic_flaw": {
+    "1.11": "other"
+  },
+  "broken_cryptography.cryptographic_flaw.incorrect_usage": {
+    "1.11": "other"
+  },
+  "broken_cryptography.use_of_broken_cryptographic_primitive": {
+    "1.11": "cryptographic_weakness.broken_cryptography.use_of_broken_cryptographic_primitive"
+  },
+  "broken_cryptography.use_of_vulnerable_cryptographic_library": {
+    "1.11": "cryptographic_weakness.broken_cryptography.use_of_vulnerable_cryptographic_library"
+  },
+  "cross_site_scripting_xss.ie_only.older_version_ie11": {
+    "1.11": "other"
+  },
+  "cross_site_scripting_xss.ie_only.xss_filter_disabled": {
+    "1.11": "other"
+  },
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.pii_leakage": {
+    "1.11": "automotive_security_misconfiguration.infotainment_radio_head_unit.sensitive_data_leakage_exposure"
+  },
+  "broken_access_control.server_side_request_forgery_ssrf.internal_high_impact": {
+    "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_high_impact"
+  },
+  "broken_access_control.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact": {
+    "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact"
+  },
+  "broken_access_control.server_side_request_forgery_ssrf.dns_query_only": {
+    "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.external_dns_query_only"
+  },
+  "broken_access_control.server_side_request_forgery_ssrf.external": {
+    "1.11": "server_security_misconfiguration.server_side_request_forgery_ssrf.external_low_impact"
   }
 }

mappings/cvss_v3/cvss_v3.json

@@ -966,6 +966,19 @@
             }
           ]
         },
+        {
+          "id": "broken_cryptography",
+          "children": [
+            {
+              "id": "use_of_broken_cryptographic_primitive",
+              "cvss_v3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+            },
+            {
+              "id": "use_of_vulnerable_cryptographic_library",
+              "cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"
+            }
+          ]
+        },
         {
           "id": "side_channel_attack",
           "children": [
@@ -1001,19 +1014,6 @@
         }
       ]
     },
-    {
-      "id": "broken_cryptography",
-      "children": [
-        {
-          "id": "use_of_broken_cryptographic_primitive",
-          "cvss_v3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
-        },
-        {
-          "id": "use_of_vulnerable_cryptographic_library",
-          "cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"
-        }
-      ]
-    },
     {
       "id": "privacy_concerns",
       "children": [

mappings/cwe/cwe.json

@@ -552,6 +552,20 @@
             }
           ]
         },
+        {
+          "id": "broken_cryptography",
+          "cwe": ["CWE-327"],
+          "children": [
+            {
+              "id": "use_of_broken_cryptographic_primitive",
+              "cwe": ["CWE-327"]
+            },
+            {
+              "id": "use_of_vulnerable_cryptographic_library",
+              "cwe": ["CWE-327"]
+            }
+          ]
+        },
         {
           "id": "side_channel_attack",
           "cwe": ["CWE-203", "CWE-1300"],
@@ -588,20 +602,6 @@
         }
       ]
     },
-    {
-      "id": "broken_cryptography",
-      "cwe": ["CWE-327"],
-      "children": [
-        {
-          "id": "use_of_broken_cryptographic_primitive",
-          "cwe": ["CWE-327"]
-        },
-        {
-          "id": "use_of_vulnerable_cryptographic_library",
-          "cwe": ["CWE-327"]
-        }
-      ]
-    },
     {
       "id": "privacy_concerns",
       "cwe": ["CWE-359"]

mappings/remediation_advice/remediation_advice.json

@@ -1382,6 +1382,28 @@
             }
           ]
         },
+        {
+          "id": "broken_cryptography",
+          "children": [
+            {
+              "id": "use_of_broken_cryptographic_primitive",
+              "remediation_advice": "The use of broken, weak, or flawed cryptographic algorithms can allow an attacker to decrypt sensistive information.  Ensure the application makes use of only trustworthy cryprographic algorithms as indicated by relevant security standard(s) and regulation(s).",
+              "references": [
+                "https://codeql.github.com/codeql-query-help/java/java-weak-cryptographic-algorithm/",
+                "https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf",
+                "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf"
+              ]
+            },
+            {
+              "id": "use_of_vulnerable_cryptographic_library",
+              "remediation_advice": "The identification, patching, and disclosure of vulnerabilities in third-party libraries, including cryptographic libraries, is a daily occurrence.  In some cases, cryptographic libraries are deemed 'broken' and deprecated.  Ensure the application is updated to include the latest secure version of all third-party cryptographic libraries and replace known 'broken' cryptographic libraries with secure alternatives.",
+              "references": [
+                "https://www.ubiqsecurity.com/bouncy-castle-and-the-impact-of-cryptographic-vulnerabilities/",
+                "https://blog.cryptographyengineering.com/2013/09/20/rsa-warns-developers-against-its-own/"
+              ]
+            }
+          ]
+        },
         {
           "id": "side_channel_attack",
           "children": [
@@ -1449,28 +1471,6 @@
         }
       ]
     },
-    {
-      "id": "broken_cryptography",
-      "children": [
-        {
-          "id": "use_of_broken_cryptographic_primitive",
-          "remediation_advice": "The use of broken, weak, or flawed cryptographic algorithms can allow an attacker to decrypt sensistive information.  Ensure the application makes use of only trustworthy cryprographic algorithms as indicated by relevant security standard(s) and regulation(s).",
-          "references": [
-            "https://codeql.github.com/codeql-query-help/java/java-weak-cryptographic-algorithm/",
-            "https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf",
-            "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf"
-          ]
-        },
-        {
-          "id": "use_of_vulnerable_cryptographic_library",
-          "remediation_advice": "The identification, patching, and disclosure of vulnerabilities in third-party libraries, including cryptographic libraries, is a daily occurrence.  In some cases, cryptographic libraries are deemed 'broken' and deprecated.  Ensure the application is updated to include the latest secure version of all third-party cryptographic libraries and replace known 'broken' cryptographic libraries with secure alternatives.",
-          "references": [
-            "https://www.ubiqsecurity.com/bouncy-castle-and-the-impact-of-cryptographic-vulnerabilities/",
-            "https://blog.cryptographyengineering.com/2013/09/20/rsa-warns-developers-against-its-own/"
-          ]
-        }
-      ]
-    },
     {
       "id": "privacy_concerns",
       "remediation_advice": "1. Avoid storing unnecessary data where possible.\n2. Purge all known unnecessary data when identified on the device or application.\n3. Purge all known unnecessary data in known cached locations.\n4. Purge all known unnecessary data on known backup locations.",

third-party-mappings/remediation_training/secure-code-warrior-links.json

@@ -199,13 +199,10 @@
   "broken_access_control": null,
   "broken_access_control.idor": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:idor&redirect=true",
   "broken_access_control.idor.read_edit_delete_non_sensitive_information": null,
-  "broken_access_control.idor.read_edit_delete_sensitive_information": null,
-  "broken_access_control.idor.read_edit_delete_sensitive_information.complext_object_identifiers": null,
-  "broken_access_control.idor.read_sensitive_information": null,
-  "broken_access_control.idor.read_sensitive_information.iterable_object_identifiers": null,
-  "broken_access_control.idor.edit_delete_sensitive_information": null,
-  "broken_access_control.idor.edit_delete_sensitive_information.iterable_object_identifiers": null,
-  "broken_access_control.idor.edit_delete_sensitive_information.read_edit_delete_sensitive_information_pii": null,
+  "broken_access_control.idor.read_edit_delete_sensitive_information_guid": null,
+  "broken_access_control.idor.read_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.edit_delete_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.read_edit_delete_sensitive_information_iterable_object_identifiers": null,
   "broken_access_control.username_enumeration": null,
   "broken_access_control.username_enumeration.non_brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:username_enumeration:non_brute_force&redirect=true",
   "broken_access_control.exposed_sensitive_android_intent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_android_intent&redirect=true",
@@ -323,6 +320,9 @@
   "cryptographic_weakness.key_reuse.lack_of_perfect_forward_secrecy": null,
   "cryptographic_weakness.key_reuse.intra_environment": null,
   "cryptographic_weakness.key_reuse.inter_environment": null,
+  "cryptographic_weakness.broken_cryptography": null,
+  "cryptographic_weakness.broken_cryptography.use_of_broken_cryptographic_primitive": null,
+  "cryptographic_weakness.broken_cryptography.use_of_vulnerable_cryptographic_library": null,
   "cryptographic_weakness.side_channel_attack": null,
   "cryptographic_weakness.side_channel_attack.padding_oracle_attack": null,
   "cryptographic_weakness.side_channel_attack.timing_attack": null,
@@ -331,9 +331,6 @@
   "cryptographic_weakness.side_channel_attack.differential_fault_analysis": null,
   "cryptographic_weakness.use_of_expired_cryptographic_key_or_cert": null,
   "cryptographic_weakness.incomplete_cleanup_of_keying_material": null,
-  "broken_cryptography": null,
-  "broken_cryptography.use_of_broken_cryptographic_primitive": null,
-  "broken_cryptography.use_of_vulnerable_cryptographic_library": null,
   "privacy_concerns": null,
   "privacy_concerns.unnecessary_data_collection": null,
   "privacy_concerns.unnecessary_data_collection.wifi_ssid_password": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=privacy_concerns:unnecessary_data_collection:wifi_ssid_password&redirect=true",