Data protection

Public access to a known tool in debug mode

Platform(s)

  • Non-platform specific

Compliance Frameworks
  • CCPA
    • ,
  • CPRA
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • mpa
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • PDPA

Description

The public web page contains a tool running in debug mode and might expose sensitive information. By allowing public access to a tool that is in debug mode, it could potentially allow attackers to access sensitive information or perform other types of attacks. For example, an attacker could use the tool to view information about the system or network that would not normally be accessible in non-debug mode.
Need help?

Get a free Security Risk Assessment. Start today

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo