A11:2021 – Next Steps1 January 0001·Updated: 29 August 2024·734 words·4 minsOWASP Cybersecurity Vulnerability OffsecBy design, the OWASP Top 10 is innately limited to the ten most significant risks.
A10:2021 – Server-Side Request Forgery (SSRF)1 January 0001·Updated: 29 August 2024·603 words·3 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 1 2.
A09:2021 – Security Logging and Monitoring Failures1 January 0001·Updated: 29 August 2024·743 words·4 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 4 19.
A08:2021 – Software and Data Integrity Failures1 January 0001·Updated: 29 August 2024·740 words·4 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 10 16.
A07:2021 – Identification and Authentication Failures1 January 0001·Updated: 29 August 2024·709 words·4 minsOWASP Cybersecurity Vulnerability OffsecConfirmation of the user’s identity, authentication, and session management is critical to protect against authentication-related attacks.
A05:2021 – Security Misconfiguration1 January 0001·Updated: 29 August 2024·764 words·4 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 20 19.
A04:2021 – Insecure Design1 January 0001·Updated: 29 August 2024·1169 words·6 minsOWASP Cybersecurity Vulnerability Offsec#Factors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 40 24.
A03:2021 – Injection1 January 0001·Updated: 29 August 2024·927 words·5 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 33 19.
A02:2021 – Cryptographic Failures1 January 0001·Updated: 29 August 2024·1205 words·6 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 29 46.
A01:2021 - Broken Access Control1 January 0001·Updated: 24 August 2024·859 words·5 minsOWASP Cybersecurity Vulnerability OffsecFactors # CWEs Mapped Max Incidence Rate Avg Incidence Rate Avg Weighted Exploit Avg Weighted Impact Max Coverage Avg Coverage Total Occurrences Total CVEs 34 55.