Kingdom: Environment
This section includes everything that is outside of the source code but is still critical to the security of the product that is being created. Because the issues covered by this kingdom are not directly related to source code, we separated it from the rest of the kingdoms.
WCF Misconfiguration: Insufficient Audit Failure Handling
Abstract
The program is configured not to generate an exception when it fails to write to an audit log.
Explanation
If WCF is configured not to throw an exception when it is unable to write to an audit log, the program will not be notified of the failure and auditing of critical security events may not occur.
Example 1: The
Example 1: The
<behavior/> element of the following WCF configuration file instructs WCF to not notify the application when WCF fails to write to an audit log.
<behaviors>
<serviceBehaviors>
<behavior name="NewBehavior">
<serviceSecurityAudit auditLogLocation="Application"
suppressAuditFailure="true"
serviceAuthorizationAuditLevel="Success"
messageAuthenticationAuditLevel="Success" />
</behavior>
</serviceBehaviors>
</behaviors>
References
[1] Microsoft Developer Network (MSDN)
[2] Standards Mapping - CIS Azure Kubernetes Service Benchmark 1
[3] Standards Mapping - CIS Amazon Elastic Kubernetes Service Benchmark 3
[4] Standards Mapping - CIS Amazon Web Services Foundations Benchmark 1
[5] Standards Mapping - CIS Google Kubernetes Engine Benchmark normal
[6] Standards Mapping - CIS Kubernetes Benchmark partial
[7] Standards Mapping - Common Weakness Enumeration CWE ID 388
[8] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-000018, CCI-000130, CCI-000139, CCI-000169, CCI-000172, CCI-001403, CCI-001404, CCI-001405, CCI-001464, CCI-001814, CCI-001858, CCI-002130, CCI-002234, CCI-002884
[9] Standards Mapping - FIPS200 AU
[10] Standards Mapping - General Data Protection Regulation (GDPR) Indirect Access to Sensitive Data
[11] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-5 Response to Audit Processing Failures (P1)
[12] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-5 Response to Audit Logging Process Failures
[13] Standards Mapping - OWASP Top 10 2004 A7 Improper Error Handling
[14] Standards Mapping - OWASP Top 10 2007 A6 Information Leakage and Improper Error Handling
[15] Standards Mapping - OWASP Top 10 2013 A5 Security Misconfiguration
[16] Standards Mapping - OWASP Top 10 2017 A6 Security Misconfiguration
[17] Standards Mapping - OWASP Top 10 2021 A05 Security Misconfiguration
[18] Standards Mapping - OWASP API 2023 API8 Security Misconfiguration
[19] Standards Mapping - OWASP Mobile 2014 M1 Weak Server Side Controls
[20] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.7
[21] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.2, Requirement 6.5.6
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.5
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 10.3.4
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 10.3.4
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 10.3.4
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 10.3.4
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 10.2.2
[28] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 8.2 - Activity Tracking
[29] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 8.2 - Activity Tracking
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 8.2 - Activity Tracking
[31] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3120 CAT II
[32] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3120 CAT II
[33] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3120 CAT II
[34] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3120 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3120 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3120 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3120 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[39] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[40] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[41] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[42] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[43] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[44] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[45] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000710 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[46] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[47] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[48] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[49] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[50] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[51] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000340 CAT II, APSC-DV-000350 CAT II, APSC-DV-000360 CAT II, APSC-DV-000370 CAT II, APSC-DV-000420 CAT II, APSC-DV-000520 CAT II, APSC-DV-000620 CAT II, APSC-DV-000630 CAT II, APSC-DV-000640 CAT II, APSC-DV-000660 CAT II, APSC-DV-000680 CAT II, APSC-DV-000690 CAT II, APSC-DV-000700 CAT II, APSC-DV-000720 CAT II, APSC-DV-000730 CAT II, APSC-DV-000740 CAT II, APSC-DV-000750 CAT II, APSC-DV-000760 CAT II, APSC-DV-000770 CAT II, APSC-DV-000780 CAT II, APSC-DV-000790 CAT II, APSC-DV-000800 CAT II, APSC-DV-000810 CAT II, APSC-DV-000820 CAT II, APSC-DV-000830 CAT II, APSC-DV-000840 CAT II, APSC-DV-000850 CAT II, APSC-DV-000860 CAT II, APSC-DV-000870 CAT II, APSC-DV-000880 CAT II, APSC-DV-000910 CAT II, APSC-DV-000940 CAT II, APSC-DV-000950 CAT II, APSC-DV-000960 CAT II, APSC-DV-000970 CAT II, APSC-DV-001100 CAT II, APSC-DV-001110 CAT II, APSC-DV-001120 CAT II, APSC-DV-001420 CAT II, APSC-DV-001930 CAT II, APSC-DV-003360 CAT III
[52] Standards Mapping - Web Application Security Consortium Version 2.00 Information Leakage (WASC-13)
[53] Standards Mapping - Web Application Security Consortium 24 + 2 Information Leakage
desc.config.dotnet.wcf_misconfiguration_insufficient_audit_failure_handling