| Risk Level | Number of Alerts |
|---|---|
|
High
|
0
|
|
Medium
|
1
|
|
Low
|
0
|
|
Informational
|
1
|
|
False Positives:
|
0
|
| Level | Reason | Site | Description | Statistic |
|---|---|---|---|---|
|
Info
|
Informational
|
https://synapp-expertise-dev-v2.synapp.eu
|
Percentage of responses with status code 5xx
|
100 %
|
|
Info
|
Informational
|
https://synapp-expertise-dev-v2.synapp.eu
|
Percentage of endpoints with content type text/html
|
100 %
|
|
Info
|
Informational
|
https://synapp-expertise-dev-v2.synapp.eu
|
Percentage of endpoints with method GET
|
100 %
|
|
Info
|
Informational
|
https://synapp-expertise-dev-v2.synapp.eu
|
Count of total endpoints
|
2
|
|
Info
|
Informational
|
https://synapp-expertise-dev-v2.synapp.eu
|
Percentage of slow responses
|
25 %
|
For each step: result (Pass/Fail) - risk (of highest alert(s) for the step, if any).
| Name | Risk Level | Number of Instances |
|---|---|---|
| Content Security Policy (CSP) Header Not Set | Medium | 3 |
| Non-Storable Content | Informational | 3 |
|
Medium |
Content Security Policy (CSP) Header Not Set |
|---|---|
| Description |
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
|
| URL | https://synapp-expertise-dev-v2.synapp.eu |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Other Info | |
| URL | https://synapp-expertise-dev-v2.synapp.eu/robots.txt |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu/robots.txt |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Other Info | |
| URL | https://synapp-expertise-dev-v2.synapp.eu/sitemap.xml |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu/sitemap.xml |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Other Info | |
| Instances | 3 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
|
| Reference |
https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html https://www.w3.org/TR/CSP/ https://w3c.github.io/webappsec-csp/ https://web.dev/articles/csp https://caniuse.com/#feat=contentsecuritypolicy https://content-security-policy.com/ |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10038 |
|
Informational |
Non-Storable Content |
|---|---|
| Description |
The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.
|
| URL | https://synapp-expertise-dev-v2.synapp.eu |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 502 |
| Other Info | |
| URL | https://synapp-expertise-dev-v2.synapp.eu/robots.txt |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu/robots.txt |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 502 |
| Other Info | |
| URL | https://synapp-expertise-dev-v2.synapp.eu/sitemap.xml |
| Node Name | https://synapp-expertise-dev-v2.synapp.eu/sitemap.xml |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 502 |
| Other Info | |
| Instances | 3 |
| Solution |
The content may be marked as storable by ensuring that the following conditions are satisfied:
The request method must be understood by the cache and defined as being cacheable ("GET", "HEAD", and "POST" are currently defined as cacheable)
The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood)
The "no-store" cache directive must not appear in the request or response header fields
For caching by "shared" caches such as "proxy" caches, the "private" response directive must not appear in the response
For caching by "shared" caches such as "proxy" caches, the "Authorization" header field must not appear in the request, unless the response explicitly allows it (using one of the "must-revalidate", "public", or "s-maxage" Cache-Control response directives)
In addition to the conditions above, at least one of the following conditions must also be satisfied by the response:
It must contain an "Expires" header field
It must contain a "max-age" response directive
For "shared" caches such as "proxy" caches, it must contain a "s-maxage" response directive
It must contain a "Cache Control Extension" that allows it to be cached
It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501).
|
| Reference |
https://datatracker.ietf.org/doc/html/rfc7234
https://datatracker.ietf.org/doc/html/rfc7231 https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html |
| CWE Id | 524 |
| WASC Id | 13 |
| Plugin Id | 10049 |