ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S2598/impact.adoc
Loris S a0abb99f76
Modify S2596(javascript): Convert to LayC (#2901) 
This PR also removes the java folder because it is not implemented and
has no implementation plan. This PR was made spontaneously during
Daniel's onboarding.

---------

Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
2023-08-18 09:31:06 +00:00

44 lines
1.7 KiB
Plaintext
Raw Permalink Blame History

=== What is the potential impact?
After discovering this vulnerability, attackers may attempt to upload as many
different file types as possible, such as javascript files, bash scripts,
malware, or malicious configuration files targeting potential processes.
Below are some real-world scenarios that illustrate the potential impact of an
attacker exploiting the vulnerability.
==== Full application compromise
In the worst-case scenario, the attackers succeed in uploading a file recognized
by in an internal tool, triggering code execution.
Depending on the attacker, code execution can be used with different
intentions:
* Download the internal server's data, most likely to sell it.
* Modify data, install malware, for instance, malware that mines cryptocurrencies.
* Stop services or exhaust resources, for instance, with fork bombs.
==== Server Resource Exhaustion
By repeatedly uploading large files, an attacker can consume excessive server
resources, resulting in a denial of service.
If the component affected by this vulnerability is not a bottleneck that acts
as a single point of failure (SPOF) within the application, the denial of
service can only affect the attacker who caused it.
Even though a denial of service might have little direct impact, it can have
secondary impact in architectures that use containers and container
orchestrators. For example, it can cause unexpected container failures or
overuse of resources.
In some cases, it is also possible to force the product to "fail open" when
resources are exhausted, which means that some security features are disabled
in an emergency.
These threats are particularly insidious if the attacked organization does not
maintain a disaster recovery plan (DRP).
Reference in New Issue View Git Blame Copy Permalink