The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Definition, Security, Cloud computing

Insecure cloud interface

Revision as of 05:14, 7 April 2015 by Mdscott (talk | contribs) (Adding categories)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Edit

Definition[]

An insecure cloud interface is

present when easy to guess credentials are used or account enumeration is possible. Insecure cloud interfaces are easy to discover by simply reviewing the connection to the cloud interface and identifying if SSL is in use or by using the password reset mechanism to identify valid accounts which can lead to account enumeration.[1]

References[]

  1. OWASP, "Top 10 2014-I6 Insecure Cloud Interface" (full-text).
Community content is available under CC-BY-SA unless otherwise noted.
Advertisement