Vulnerability 1: Name and consequences of the vulnerability:
As a hacker, how can you exploit the vulnerability to attack the system? Provide a concrete example or specific steps.
As a developer, how can you ensure that vulnerability will not exist in your program? You only need to provide a high-level solution.
Vulnerability 2: Name and consequences of the vulnerability:
As a hacker, how can you exploit the vulnerability to attack the system? Provide a concrete example or specific steps.
As a developer, how can you ensure that vulnerability will not exist in your program? You only need to provide a high-level solution.
Vulnerability 3: Name and consequences of the vulnerability:
As a hacker, how can you exploit the vulnerability to attack the system? Provide a concrete example or specific steps.
As a developer, how can you ensure that vulnerability will not exist in your program? You only need to provide a high-level solution.
Vulnerability in cybersecurity means a weakness in the system that cybercriminals/hackers can make use of to gain unauthorized access to the system. As a result, malicious attacks happen. If attacks happen, then data present in the system can be harmed or stolen. Data in the present world is like a gold mine. So, protection from vulnerabilities is important in today's world.
Login functionalities especially should be protected. If these are properly protected, then there is less chance of attacks.
The 3 vulnerabilities, their consequences, an example/exploit of each vulnerability to attack the system, and ways of ensuring that the vulnerability will not exist are as follows:
Name of vulnerability: Default credentials
Consequence of this vulnerability (result): An attacker can gain access to the complete system and steal or harm the data present in the system.
Example: default credentials such as “admin:admin” are easy to guess.
Ensuring that the vulnerability will not exist (remedy): the developers of the login page need to ensure that the default credentials are disabled or changed, and a strong pair of non-guessable credentials should be used.
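One way a developer could enforce the remedy in the answer above, shown as an added example that is not part of the original answer: reject default pairs such as “admin:admin” when a password is set, and audit the stored hashes for accounts that still use one. The deny-list, the 12-character minimum, the function names and the sample accounts are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed deny-list of default-style pairs (assumption); extend per product.
DEFAULT_PAIRS = {("admin", "admin"), ("admin", "password"), ("root", "root"),
                 ("root", "toor"), ("user", "user"), ("guest", "guest")}
DEFAULT_PASSWORDS = {p for _, p in DEFAULT_PAIRS}
MIN_LENGTH = 12  # assumed policy value, not taken from the page

def hash_password(password, salt=None, iterations=200_000):
    """Build a salted PBKDF2-HMAC-SHA256 record: (salt, iterations, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def credential_problems(username, password):
    """Return the reasons a new username/password pair must be rejected."""
    problems = []
    # Compare case-insensitively so "Admin:ADMIN" is rejected as well.
    u, p = username.strip().lower(), password.strip().lower()
    if (u, p) in DEFAULT_PAIRS or p in DEFAULT_PASSWORDS:
        problems.append("known default credential")
    if p == u:
        problems.append("password equals username")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    return problems

def accounts_with_default_password(accounts):
    """Audit our own store: which accounts still verify against a default?"""
    flagged = []
    for name, (salt, iterations, digest) in accounts.items():
        for candidate in DEFAULT_PASSWORDS | {name}:
            trial = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
            if hmac.compare_digest(trial, digest):
                flagged.append(name)  # force a reset or disable the account
                break
    return sorted(flagged)

# Constructed sample store; iteration count lowered only to keep the demo fast.
SAMPLE_ACCOUNTS = {
    "admin": hash_password("admin", iterations=1_000),
    "alice": hash_password("correct-horse-battery-staple", iterations=1_000),
    "backup": hash_password("backup", iterations=1_000),
}

if __name__ == "__main__":
    print(credential_problems("admin", "admin"))
    print(accounts_with_default_password(SAMPLE_ACCOUNTS))
```

Calling `credential_problems` in the set-password path and running the audit at startup means a shipped default account is caught before the login page is exposed.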