This page describes the details of scan results for Web Security Scanner, how to interpret results, and results impact on logs.
Web Security Scanner detects the following classes of vulnerabilities:
- Cross-site scripting (XSS)
- Flash injection
- Clear text passwords
If any of these are found, then the result is highlighted for you to explore in detail.
findingType string values
The table below describes the valid string values for the
in a Web Security Scanner}
Finding resource. The
resource represents a vulnerability instance identified during a
findingType field indicates the type of the vulnerability.
findingType values are introduced when a vulnerability is added by
Google Cloud Platform (GCP). New vulnerability types can be added without
an update to the existing APIs. This page will be updated whenever a new
findingType value is introduced. Changes to the list of valid values will
always be noted in the Release Notes page.
||A page that was served over HTTPS also resources over HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and gain full access to the website that loads the resource or to monitor the actions taken by the user.|
||The version of an included library is known to contain a security issue. The scanner checks the version of library in use against a known list of vulnerable libraries. False positives are possible if the version detection fails or if the library has been manually patched.|
||The value of a request parameter is reflected at the beginning of the response, for example, in requests using JSONP. Under certain circumstances, an attacker might be able to supply an alphanumeric-only Flash file in the vulnerable parameter. This can cause the browser to execute the Flash file as if it originated on the vulnerable server.|
||An application appears to be transmitting a password field in clear text. An attacker can eavesdrop network traffic and sniff the password field.|
An application returns sensitive content with an invalid content type, or
||An XSS vulnerability in AngularJS module that occurs when a user-provided string is interpolated by Angular.|
||A malformed or invalid valued header.|
||Misspelled security header name.|
||Mismatching values in a duplicate security header.|
||The scan found an accessible git repository.|
||The scan found an accessible SVN repository.|
Impact on logs
Traces of Web Security Scanner scans appear in your log files. For example,
Web Security Scanner generates requests for unusual strings like
/sfi9876. This enables the scan to examine your application's error pages.
These intentionally invalid page requests will appear in your logs.