Application Misconfiguration attacks take advantage of configuration weaknesses found in web applications. In order to ease installation and configuration tasks, many software packages come preconfigured with vulnerabilities right out of the box. These Application Misconfigurations are options and/or features that can be easily exploited by attackers.
For example, default installations may include well-known usernames an
All of these misconfigurations make an application vulnerable to hackers seeking to access unauthorized sensitive information. Application Misconfigurations allow hackersto bypass authentication methods and gain access to sensitive information, perhaps even with elevatedprivileges.