Software Vulnerability that Led to A Security Breach Type of Weakness Discussion
ANSWER
Summary of the Incident:
In 2017, the world witnessed a significant security breach related to a software vulnerability. Although it occurred in 2017, it continued to make headlines into 2018 due to its widespread impact. The software involved in this incident was Apache Struts, a popular open-source framework used in web applications.
The vulnerability, officially known as CVE-2017-5638, allowed attackers to execute remote code by sending a maliciously crafted HTTP request. Essentially, it was a remote code execution vulnerability that could compromise web servers and the data they hosted. Attackers could gain unauthorized access to sensitive information and even take control of the affected systems.
The consequences of this vulnerability were severe. One of the most notable breaches was the Equifax data breach, where personal and financial data of nearly 147 million individuals was exposed. Equifax, one of the major credit reporting agencies, faced significant public backlash and legal consequences. This breach underscored the importance of promptly applying software patches and the potential consequences of overlooking security updates.
CAPEC Codes and ID:
- Code: Execution with Unnecessary Privileges
- CAPEC ID: CAPEC-22
- URL: CAPEC-22
- Code: Input Validation
- CAPEC ID: CAPEC-74
- URL: CAPEC-74
- Code: Exploitation of Authentication Vulnerability
- CAPEC ID: CAPEC-49
- URL: CAPEC-49
The Equifax breach was a wake-up call for organizations worldwide, highlighting the critical importance of maintaining secure software and promptly addressing vulnerabilities to avoid disastrous consequences. This incident also emphasized the significance of thorough security testing and constant vigilance in the ever-evolving landscape of cybersecurity.
Question Description
I’m working on a Computer Science question and need guidance to help me study.
1. Find a 2018 or 2019 newspaper website article (no academic research articles) on a recent software vulnerability that led to a security breach. You need to find article that talks about how a specific software vulnerability was involved, so not just any security story will do! Write a 300 word summary (no graphics or tables) of the incident in your own words, describing what software was involved, what the vulnerability was, and what the consequences were. Be as specific as you.
2. Provide one or more CAPEC codes for the type of weakness(es) involved, and even include a CAPEC ID (see http://capec.mitre.org/) for the type of attack if possible. Note: for each code, you must provide the specific website url of code
Fill in the order form and submit all your files, including instructions, rubrics, and other information given to you by your instructor.
Once you complete filling the forms, complete your payment. We will get the order and assign it to a writer.
When your order is completed, it’s assigned to an editor for approval. The editor approves the order.
Once approved, we will upload the order to your account for you to download. You can rate your writer or give your customer review.
