From 54d62c67878c4f2f1cbfde223b18dd3be65c530a Mon Sep 17 00:00:00 2001 From: ArturRibeiro-CX <153724638+ArturRibeiro-CX@users.noreply.github.com> Date: Fri, 27 Sep 2024 17:23:23 +0000 Subject: [PATCH] docs(queries): update queries catalog --- docs/queries/all-queries.md | 196 ++++++------- .../0e75052f-cc02-41b8-ac39-a78017527e95.md | 2 +- .../1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md | 2 +- .../2e8d4922-8362-4606-8c14-aa10466a1ce3.md | 2 +- .../404908b6-4954-4611-98f0-e8ceacdabcb1.md | 2 +- .../59029ddf-e651-412b-ae7b-ff6d403184bc.md | 2 +- .../86b97bb4-85c9-462d-8635-cbc057c5c8c5.md | 2 +- .../88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md | 2 +- .../8d22ae91-6ac1-459f-95be-d37bd373f244.md | 2 +- .../01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md | 2 +- .../050f085f-a8db-4072-9010-2cca235cc02f.md | 2 +- .../0956aedf-6a7a-478b-ab56-63e2b19923ad.md | 2 +- .../0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md | 2 +- .../12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md | 2 +- .../133fee21-37ef-45df-a563-4d07edc169f4.md | 2 +- .../16732649-4ff6-4cd2-8746-e72c13fae4b8.md | 2 +- .../17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md | 2 +- .../1d972c56-8ec2-48c1-a578-887adb09c57a.md | 2 +- .../2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md | 2 +- .../2059155b-27fd-441e-b616-6966c468561f.md | 2 +- .../218413a0-c716-4b94-9e08-0bb70d854709.md | 2 +- .../22c80725-e390-4055-8d14-a872230f6607.md | 2 +- .../265d9725-2fb8-42a2-bc57-3279c5db82d5.md | 2 +- .../2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md | 2 +- .../32d31f1f-0f83-4721-b7ec-1e6948c60145.md | 2 +- .../338b6cab-961d-4998-bb49-e5b6a11c9a5c.md | 2 +- .../3505094c-f77c-4ba0-95da-f83db712f86c.md | 2 +- .../3ab1f27d-52cc-4943-af1d-43c1939e739a.md | 2 +- .../3ddf3417-424d-420d-8275-0724dc426520.md | 2 +- .../3f2cf811-88fa-4eda-be45-7a191a18aba9.md | 2 +- .../445dce51-7e53-4e50-80ef-7f94f14169e4.md | 2 +- .../4b6012e7-7176-46e4-8108-e441785eae57.md | 2 +- .../4d8681a2-3d30-4c89-8070-08acd142748e.md | 2 +- .../5330b503-3319-44ff-9b1c-00ee873f728a.md | 2 +- .../53bce6a8-5492-4b1b-81cf-664385f0c4bf.md | 2 +- .../5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md | 2 +- .../559439b2-3e9c-4739-ac46-17e3b24ec215.md | 2 +- .../57ced4b9-6ba4-487b-8843-b65562b90c77.md | 2 +- .../594f54e7-f744-45ab-93e4-c6dbaf6cd571.md | 2 +- .../5a443297-19d4-4381-9e5b-24faf947ec22.md | 2 +- .../5b9d237a-57d5-4177-be0e-71434b0fef47.md | 2 +- .../5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md | 2 +- .../5c6b727b-1382-4629-8ba9-abd1365e5610.md | 2 +- .../5e92d816-2177-4083-85b4-f61b4f7176d9.md | 2 +- .../5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md | 2 +- .../60bfbb8a-c72f-467f-a6dd-a46b7d612789.md | 2 +- .../61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md | 2 +- .../66477506-6abb-49ed-803d-3fa174cd5f6a.md | 2 +- .../6a647814-def5-4b85-88f5-897c19f509cd.md | 2 +- .../6a6d7e56-c913-4549-b5c5-5221e624d2ec.md | 2 +- .../6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md | 2 +- .../6f5f5444-1422-495f-81ef-24cefd61ed2c.md | 2 +- .../6fa44721-ef21-41c6-8665-330d59461163.md | 2 +- .../71397b34-1d50-4ee1-97cb-c96c34676f74.md | 2 +- .../71ea648a-d31a-4b5a-a589-5674243f1c33.md | 2 +- .../722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md | 2 +- .../727c4fd4-d604-4df6-a179-7713d3c85e20.md | 2 +- .../72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md | 2 +- .../730a5951-2760-407a-b032-dd629b55c23a.md | 2 +- .../75480b31-f349-4b9a-861f-bce19588e674.md | 2 +- .../7674a686-e4b1-4a95-83d4-1fd53c623d84.md | 2 +- .../7af1c447-c014-4f05-bd8b-ebe3a15734ac.md | 2 +- .../7cc6c791-5f68-4816-a564-b9b699f9d26e.md | 2 +- .../7db727c1-1720-468e-b80e-06697f71e09e.md | 2 +- .../7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md | 2 +- .../7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md | 2 +- .../8010e17a-00e9-4635-a692-90d6bcec68bd.md | 2 +- .../83c5fa4c-e098-48fc-84ee-0a537287ddd2.md | 2 +- .../857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md | 2 +- .../86b0efa7-4901-4edd-a37a-c034bec6645a.md | 2 +- .../8833f180-96f1-46f4-9147-849aafa56029.md | 2 +- .../8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md | 2 +- .../8d03993b-8384-419b-a681-d1f55149397c.md | 2 +- .../8ed0bfce-f780-46d4-b086-21c3628f09ad.md | 2 +- .../905f4741-f965-45c1-98db-f7a00a0e5c73.md | 2 +- .../9232306a-f839-40aa-b3ef-b352001da9a5.md | 2 +- .../97707503-a22c-4cd7-b7c0-f088fa7cf830.md | 2 +- .../9f34885e-c08f-4d13-a7d1-cf190c5bd268.md | 2 +- .../a0f1bfe0-741e-473f-b3b2-13e66f856fab.md | 2 +- .../a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md | 2 +- .../a14ad534-acbe-4a8e-9404-2f7e1045646e.md | 2 +- .../a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md | 2 +- .../a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md | 2 +- .../a2fdf451-89dd-451e-af92-bf6c0f4bab96.md | 2 +- .../a6d27cf7-61dc-4bde-ae08-3b353b609f76.md | 2 +- .../a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md | 2 +- .../af167837-9636-4086-b815-c239186b9dda.md | 2 +- .../af96d737-0818-4162-8c41-40d969bd65d1.md | 2 +- .../b16cdb37-ce15-4ab2-8401-d42b05d123fc.md | 2 +- .../b25398a2-0625-4e61-8e4d-a1bb23905bf6.md | 2 +- .../b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md | 2 +- .../b5ed026d-a772-4f07-97f9-664ba0b116f8.md | 2 +- .../b8a9852c-9943-4973-b8d5-77dae9352851.md | 2 +- .../babdedcf-d859-43da-9a7b-6d72e661a8fd.md | 2 +- .../bd77554e-f138-40c5-91b2-2a09f878608e.md | 2 +- .../c09e3ca5-f08a-4717-9c87-3919c5e6d209.md | 2 +- .../c09f4d3e-27d2-4d46-9453-abbe9687a64e.md | 2 +- .../c2f15af3-66a0-4176-a56e-e4711e502e5c.md | 2 +- .../c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md | 2 +- .../c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md | 2 +- .../d0c13053-d2c8-44a6-95da-d592996e9e67.md | 2 +- .../d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md | 2 +- .../d395a950-12ce-4314-a742-ac5a785ab44e.md | 2 +- .../d39761d7-94ab-45b0-ab5e-27c44e381d58.md | 2 +- .../d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md | 2 +- .../d5ec2080-340a-4259-b885-f833c4ea6a31.md | 2 +- .../d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md | 2 +- .../d994585f-defb-4b51-b6d2-c70f020ceb10.md | 2 +- .../defe5b18-978d-4722-9325-4d1975d3699f.md | 2 +- .../e01de151-a7bd-4db4-b49b-3c4775a5e881.md | 2 +- .../e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md | 2 +- .../e24e18d9-4c2b-4649-b3d0-18c088145e24.md | 2 +- .../e28ceb92-d588-4166-aac5-766c8f5b7472.md | 2 +- .../e401d614-8026-4f4b-9af9-75d1197461ba.md | 2 +- .../e69890e6-fce5-461d-98ad-cb98318dfc96.md | 2 +- .../e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md | 2 +- .../ea0ed1c7-9aef-4464-b7c7-94c762da3640.md | 2 +- .../ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md | 2 +- .../eafe4bc3-1042-4f88-b988-1939e64bf060.md | 2 +- .../ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md | 2 +- .../ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md | 2 +- .../eda7301d-1f3e-47cf-8d4e-976debc64341.md | 2 +- .../eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md | 2 +- .../f2ea6481-1d31-4d40-946a-520dc6321dd7.md | 2 +- .../f34508b9-f574-4330-b42d-88c44cced645.md | 2 +- .../f509931b-bbb0-443c-bd9b-10e92ecf2193.md | 2 +- .../f5587077-3f57-4370-9b4e-4eb5b1bac85b.md | 2 +- .../f5c45127-1d28-4b49-a692-0b97da1c3a84.md | 2 +- .../f5f38943-664b-4acc-ab11-f292fa10ed0b.md | 2 +- .../f81d63d2-c5d7-43a4-a5b5-66717a41c895.md | 2 +- .../fb5a5df7-6d74-4243-ab82-ff779a958bfd.md | 2 +- .../fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md | 2 +- .../ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md | 2 +- .../0461b4fd-21ef-4687-929e-484ee4796785.md | 2 +- .../054d07b5-941b-4c28-8eef-18989dc62323.md | 2 +- .../0632d0db-9190-450a-8bb3-c283bffea445.md | 2 +- .../0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md | 2 +- .../0d0c12b9-edce-4510-9065-13f6a758750c.md | 2 +- .../149fa56c-4404-4f90-9e25-d34b676d5b39.md | 2 +- .../1bc398a8-d274-47de-a4c8-6ac867b353de.md | 2 +- .../1e5f5307-3e01-438d-8da6-985307ed25ce.md | 2 +- .../23a4dc83-4959-4d99-8056-8e051a82bc1e.md | 2 +- .../29f35127-98e6-43af-8ec1-201b79f99604.md | 2 +- .../2a901825-0f3b-4655-a0fe-e0470e50f8e6.md | 2 +- .../2c99a474-2a3c-4c17-8294-53ffa5ed0522.md | 2 +- .../2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md | 2 +- .../35e2f133-a395-40de-a79d-b260d973d1bd.md | 2 +- .../37fafbea-dedb-4e0d-852e-d16ee0589326.md | 2 +- .../3f23c96c-f9f5-488d-9b17-605b8da5842f.md | 2 +- .../4d3817db-dd35-4de4-a80d-3867157e7f7f.md | 2 +- .../530e8291-2f22-4bab-b7ea-306f1bc2a308.md | 2 +- .../581dae78-307d-45d5-aae4-fe2b0db267a5.md | 2 +- .../5c80db8e-03f5-43a2-b4af-1f3f87018157.md | 2 +- .../663062e9-473d-4e87-99bc-6f3684b3df40.md | 2 +- .../69f72007-502e-457b-bd2d-5012e31ac049.md | 2 +- .../729ebb15-8060-40f7-9017-cb72676a5487.md | 4 +- .../7ab33ac0-e4a3-418f-a673-50da4e34df21.md | 4 +- .../7b47138f-ec0e-47dc-8516-e7728fe3cc17.md | 4 +- .../869e7fb4-30f0-4bdb-b360-ad548f337f2f.md | 2 +- .../881696a8-68c5-4073-85bc-7c38a3deb854.md | 2 +- .../89f84a1e-75f8-47c5-83b5-bee8e2de4168.md | 2 +- .../8c3bedf1-c570-4c3b-b414-d068cd39a00c.md | 2 +- .../961ce567-a16d-4d7d-9027-f0ec2628a555.md | 2 +- .../a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md | 4 +- .../b176e927-bbe2-44a6-a9c3-041417137e5f.md | 2 +- .../c62746cf-92d5-4649-9acf-7d48d086f2ee.md | 2 +- .../ca4df748-613a-4fbf-9c76-f02cbd580307.md | 2 +- .../d5e83b32-56dd-4247-8c2e-074f43b38a5e.md | 2 +- .../da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md | 2 +- .../e2d834b7-8b25-4935-af53-4a60668dcbe0.md | 2 +- .../e8c80448-31d8-4755-85fc-6dbab69c2717.md | 2 +- .../eb8c2560-8bee-4248-9d0d-e80c8641dd91.md | 2 +- .../f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md | 2 +- .../c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md | 2 +- .../c6473dae-8477-4119-88b7-b909b435ce7b.md | 2 +- .../d7dc9350-74bc-485b-8c85-fed22d276c43.md | 2 +- .../086031e1-9d4a-4249-acb3-5bfe4c363db2.md | 2 +- .../092bae86-6105-4802-99d2-99cd7e7431f3.md | 2 +- .../099b4411-d11e-4537-a0fc-146b19762a79.md | 2 +- .../0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md | 2 +- .../11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md | 2 +- .../18d3a83d-4414-49dc-90ea-f0387b2856cc.md | 2 +- .../19c9e2a0-fc33-4264-bba1-e3682661e8f7.md | 2 +- .../20180133-a0d0-4745-bfe0-94049fbb12a9.md | 2 +- .../20dcd953-a8b8-4892-9026-9afa6d05a525.md | 2 +- .../2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md | 2 +- .../2775e169-e708-42a9-9305-b58aadd2c4dd.md | 2 +- .../28a757fc-3d8f-424a-90c0-4233363b2711.md | 2 +- .../29b8224a-60e9-4011-8ac2-7916a659841f.md | 2 +- .../300a9964-b086-41f7-9378-b6de3ba1c32b.md | 2 +- .../344bf8ab-9308-462b-a6b2-697432e40ba1.md | 2 +- .../3602d273-3290-47b2-80fa-720162b1a8af.md | 2 +- .../3b30e3d6-c99b-4318-b38f-b99db74578b5.md | 2 +- .../507df964-ad97-4035-ab14-94a82eabdfdd.md | 2 +- .../66dae697-507b-4aef-be18-eec5bd707f33.md | 2 +- .../6a4080ae-79bd-42f6-a924-8f534c1c018b.md | 2 +- .../6cf4c3a7-ceb0-4475-8892-3745b84be24a.md | 2 +- .../6d34aff3-fdd2-460c-8190-756a3b4969e8.md | 2 +- .../7289eebd-a477-4064-8ad4-3c044bd70b00.md | 2 +- .../75418eb9-39ec-465f-913c-6f2b6a80dc77.md | 2 +- .../7814ddda-e758-4a56-8be3-289a81ded929.md | 2 +- .../7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md | 2 +- .../80b15fb1-6207-40f4-a803-6915ae619a03.md | 2 +- .../829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md | 2 +- .../89afe3f0-4681-4ce3-89ed-896cebd4277c.md | 2 +- .../98e04ca0-34f5-4c74-8fec-d2e611ce2790.md | 2 +- .../9df7f78f-ebe3-432e-ac3b-b67189c15518.md | 2 +- .../9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md | 2 +- .../a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md | 2 +- .../aed98a2a-e680-497a-8886-277cea0f4514.md | 2 +- .../b28bcd2f-c309-490e-ab7c-35fc4023eb26.md | 2 +- .../b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md | 2 +- .../bc20bbc6-0697-4568-9a73-85af1dd97bdd.md | 2 +- .../be41f891-96b1-4b9d-b74f-b922a918c778.md | 2 +- .../c6fc6f29-dc04-46b6-99ba-683c01aff350.md | 2 +- .../d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md | 2 +- .../d43366c5-80b0-45de-bbe8-2338f4ab0a83.md | 2 +- .../d58c6f24-3763-4269-9f5b-86b2569a003b.md | 2 +- .../d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md | 2 +- .../d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md | 2 +- .../d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md | 2 +- .../dc126833-125a-40fb-905a-ce5f2afde240.md | 2 +- .../ed672a9f-fbf0-44d8-a47d-779501b0db05.md | 2 +- .../f9b7086b-deb8-4034-9330-d7fd38f1b8de.md | 2 +- .../fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md | 2 +- docs/queries/azureresourcemanager-queries.md | 2 +- .../1367dd13-2c90-4020-80b7-e4339a3dc2c4.md | 2 +- .../2081c7d6-2851-4cce-bda5-cb49d462da42.md | 2 +- .../25684eac-daaa-4c2c-94b4-8d2dbb627909.md | 2 +- .../2583fab1-953b-4fae-bd02-4a136a6c21f9.md | 2 +- .../25c0228e-4444-459b-a2df-93c7df40b7ed.md | 2 +- .../2ade1579-4b2c-4590-bebb-f99bf597f612.md | 2 +- .../350f3955-b5be-436f-afaa-3d2be2fa6cdd.md | 2 +- .../3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md | 2 +- .../43f6e60c-9cdb-4e77-864d-a66595d26518.md | 2 +- .../488847ff-6031-487c-bf42-98fd6ac5c9a0.md | 2 +- .../4d2cf896-c053-4be5-9c95-8b4771112f29.md | 2 +- .../4d522e7b-f938-4d51-a3b1-974ada528bd3.md | 2 +- .../564b70f8-41cd-4690-aff8-bb53add86bc9.md | 2 +- .../574e8d82-1db2-4b9c-b526-e320ede9a9ff.md | 2 +- .../59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md | 2 +- .../6797f581-0433-4768-ae3e-7ceb2f8b138e.md | 2 +- .../6a3201a5-1630-494b-b294-3129d06b0eca.md | 2 +- .../70111098-7f85-48f0-b1b4-e4261cf5f61b.md | 2 +- .../79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md | 2 +- .../7c25f361-7c66-44bf-9b69-022acd5eb4bd.md | 2 +- .../83130a07-235b-4a80-918b-a370e53f0bd9.md | 2 +- .../89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md | 2 +- .../8fa9ceea-881f-4ef0-b0b8-728f589699a7.md | 2 +- .../90120147-f2e7-4fda-bb21-6fa9109afd63.md | 2 +- .../9073f073-5d60-4b46-b569-0d6baa80ed95.md | 2 +- .../92302b47-b0cc-46cb-a28f-5610ecda140b.md | 2 +- .../9307a2ed-35c2-413d-94de-a1a0682c2158.md | 2 +- .../9b09dee1-f09b-4013-91d2-158fa4695f4b.md | 2 +- .../a0ab985d-660b-41f7-ac81-70957ee8e627.md | 2 +- .../a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md | 8 +- .../a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md | 2 +- .../b5c851d5-00f1-43dc-a8de-3218fd6f71be.md | 2 +- .../bf500309-da53-4dd3-bcf7-95f7974545a5.md | 4 +- .../c09cdac2-7670-458a-bf6c-efad6880973a.md | 2 +- .../c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md | 2 +- .../cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md | 2 +- .../d855ced8-6157-448f-9f1d-f05a41d046f7.md | 2 +- .../e055285c-bc01-48b4-8aa5-8a54acdd29df.md | 2 +- .../e25b56cd-a4d6-498f-ab92-e6296a082097.md | 2 +- .../e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md | 4 +- .../e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md | 4 +- .../f9112910-c7bb-4864-9f5e-2059ba413bb7.md | 4 +- .../a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md | 2 +- .../20f14e1a-a899-4e79-9f09-b6a84cd4649b.md | 6 +- .../555ab8f9-2001-455e-a077-f2d0f41e2fb9.md | 2 +- .../60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md | 2 +- .../62ff6823-927a-427f-acf9-f1ea2932d616.md | 2 +- docs/queries/cloudformation-queries.md | 2 +- .../0104165b-02d5-426f-abc9-91fb48189899.md | 2 +- .../01986452-bdd8-4aaa-b5df-d6bf61d616ff.md | 2 +- .../01d5a458-a6c4-452a-ac50-054d59275b7c.md | 2 +- .../0264093f-6791-4475-af34-4b8102dcbcd0.md | 2 +- .../027a4b7a-8a59-4938-a04f-ed532512cf45.md | 2 +- .../03879981-efa2-47a0-a818-c843e1441b88.md | 2 +- .../03b38885-8f4e-480c-a0e4-12c1affd15db.md | 2 +- .../045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md | 2 +- .../050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md | 2 +- .../058ac855-989f-4378-ba4d-52d004020da7.md | 2 +- .../06933df4-0ea7-461c-b9b5-104d27390e0e.md | 2 +- .../06adef8c-c284-4de7-aad2-af43b07a8ca1.md | 2 +- .../06b9f52a-8cd5-459b-bdc6-21a22521e1be.md | 2 +- .../06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md | 2 +- .../07dda8de-d90d-469e-9b37-1aca53526ced.md | 2 +- .../086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md | 2 +- .../08b81bb3-0985-4023-8602-b606ad81d279.md | 2 +- .../08e39832-5e42-4304-98a0-aa5b43393162.md | 2 +- .../0a994e04-c6dc-471d-817e-d37451d18a3b.md | 2 +- .../0b0556ea-9cd9-476f-862e-20679dda752b.md | 2 +- .../0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md | 2 +- .../0e5872b4-19a0-4165-8b2f-56d9e14b909f.md | 2 +- .../0f04217d-488f-4e7a-bec8-f16159686cd6.md | 2 +- .../0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md | 2 +- .../0f139403-303f-467c-96bd-e717e6cfd62d.md | 2 +- .../1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md | 2 +- .../105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md | 2 +- .../124b173b-e06d-48a6-8acd-f889443d97a4.md | 2 +- .../12726829-93ed-4d51-9cbe-13423f4299e1.md | 2 +- .../1819ac03-542b-4026-976b-f37addd59f3b.md | 2 +- .../1a427b25-2e9e-4298-9530-0499a55e736b.md | 2 +- .../1b6322d9-c755-4f8c-b804-32c19250f2d9.md | 2 +- .../1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md | 2 +- .../1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md | 2 +- .../1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md | 2 +- .../1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md | 2 +- .../1fe9d958-ddce-4228-a124-05265a959a8b.md | 2 +- .../209189f3-c879-48a7-9703-fbcfa96d0cef.md | 2 +- .../219f4c95-aa50-44e0-97de-cf71f4641170.md | 2 +- .../235ca980-eb71-48f4-9030-df0c371029eb.md | 2 +- .../24d932e1-91f0-46ea-836f-fdbd81694151.md | 2 +- .../2564172f-c92b-4261-9acd-464aed511696.md | 2 +- .../2623d682-dccb-44cd-99d0-54d9fd62f8f2.md | 2 +- .../2730c169-51d7-4ae7-99b5-584379eff1bb.md | 2 +- .../275a3217-ca37-40c1-a6cf-bb57d245ab32.md | 2 +- .../2844c749-bd78-4cd1-90e8-b179df827602.md | 2 +- .../2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md | 2 +- .../2b1d4935-9acf-48a7-8466-10d18bf51a69.md | 2 +- .../2c161e58-cb52-454f-abea-6470c37b5e6e.md | 2 +- .../2ff8e83c-90e1-4d68-a300-6d652112e622.md | 2 +- .../316278b3-87ac-444c-8f8f-a733a28da60f.md | 2 +- .../31733ee2-fef0-4e87-9778-65da22a8ecf1.md | 2 +- .../323db967-c68e-44e6-916c-a777f95af34b.md | 2 +- .../33f41d31-86b1-46a4-81f7-9c9a671f59ac.md | 2 +- .../350cd468-0e2c-44ef-9d22-cfb73a62523c.md | 2 +- .../3609d27c-3698-483a-9402-13af6ae80583.md | 2 +- .../3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md | 2 +- .../37cca703-b74c-48ba-ac81-595b53398e9b.md | 2 +- .../37fa8188-738b-42c8-bf82-6334ea567738.md | 2 +- .../38c64e76-c71e-4d92-a337-60174d1de1c9.md | 2 +- .../39423ce4-9011-46cd-b6b1-009edcd9385d.md | 2 +- .../3ae83918-7ec7-4cb8-80db-b91ef0f94002.md | 2 +- .../3b02569b-fc6f-4153-b3a3-ba91022fed68.md | 2 +- .../3b316b05-564c-44a7-9c3f-405bb95e211e.md | 2 +- .../3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md | 2 +- .../3c3b7a58-b018-4d07-9444-d9ee7156e111.md | 2 +- .../3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md | 2 +- .../3e09413f-471e-40f3-8626-990c79ae63f3.md | 2 +- .../3e293410-d5b8-411f-85fd-7d26294f20c9.md | 2 +- .../42e7dca3-8cce-4325-8df0-108888259136.md | 2 +- .../43356255-495d-4148-ad8d-f6af5eac09dd.md | 2 +- .../44034eda-1c3f-486a-831d-e09a7dd94354.md | 2 +- .../4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md | 2 +- .../456b00a3-1072-4149-9740-6b8bb60251b0.md | 2 +- .../48677914-6fdf-40ec-80c4-2b0e94079f54.md | 2 +- .../48af92a5-c89b-4936-bc62-1086fe2bab23.md | 2 +- .../48f100d9-f499-4c6d-b2b8-deafe47ffb26.md | 2 +- .../493d9591-6249-47bf-8dc0-5c10161cc558.md | 2 +- .../494b03d3-bf40-4464-8524-7c56ad0700ed.md | 2 +- .../4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md | 2 +- .../4a8daf95-709d-4a36-9132-d3e19878fa34.md | 2 +- .../4ab10c48-bedb-4deb-8f3b-ff12783b61de.md | 2 +- .../4ae8af91-5108-42cb-9471-3bdbe596eac9.md | 2 +- .../4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md | 2 +- .../4bd21e68-38c1-4d58-acdc-6a14b203237f.md | 2 +- .../4c137350-7307-4803-8c04-17c09a7a9fcf.md | 2 +- .../4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md | 2 +- .../4d32780f-43a4-424a-a06d-943c543576a5.md | 2 +- .../4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md | 2 +- .../4e88adee-a8eb-4605-a78d-9fb1096e3091.md | 2 +- .../4f0908b9-eb66-433f-9145-134274e1e944.md | 2 +- .../52790cad-d60d-41d5-8483-146f9f21208d.md | 2 +- .../568cc372-ca64-420d-9015-ee347d00d288.md | 2 +- .../57b12981-3816-4c31-b190-a1e614361dd2.md | 2 +- .../5864fb39-d719-4182-80e2-89dbe627be63.md | 2 +- .../5906092d-5f74-490d-9a03-78febe0f65e1.md | 2 +- .../59a849c2-1127-4023-85a5-ef906dcd458c.md | 2 +- .../5b033ec8-f079-4323-b5c8-99d4620433a9.md | 2 +- .../5b48c507-0d1f-41b0-a630-76817c6b4189.md | 2 +- .../5beacce3-4020-4a3d-9e1d-a36f953df630.md | 2 +- .../5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md | 2 +- .../5c666ed9-b586-49ab-9873-c495a833b705.md | 2 +- .../5d3c1807-acb3-4bb0-be4e-0440230feeaf.md | 2 +- .../5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md | 2 +- .../5e7acff5-095b-40ac-9073-ac2e4ad8a512.md | 2 +- .../5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md | 2 +- .../60a05ede-0a68-4d0d-a58f-f538cf55ff79.md | 2 +- .../61a94903-3cd3-4780-88ec-fc918819b9c8.md | 2 +- .../65844ba3-03a1-40a8-b3dd-919f122e8c95.md | 2 +- .../65d07da5-9af5-44df-8983-52d2e6f24c44.md | 2 +- .../6685d912-d81f-4cfa-95ad-e316ea31c989.md | 2 +- .../66f2d8f9-a911-4ced-ae27-34f09690bb2c.md | 2 +- .../68b6a789-82f8-4cfd-85de-e95332fe6a61.md | 2 +- .../6b5b0313-771b-4319-ad7a-122ee78700ef.md | 2 +- .../6c131358-c54d-419b-9dd6-1f7dd41d180c.md | 2 +- .../6c8d51af-218d-4bfb-94a9-94eabaa0703a.md | 2 +- .../6d087495-2a42-4735-abf7-02ef5660a7e6.md | 2 +- .../6d64f311-3da6-45f3-80f1-14db9771ea40.md | 2 +- .../6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md | 2 +- .../6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md | 2 +- .../6ef03ff6-a2bd-483c-851f-631f248bc0ea.md | 2 +- .../709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md | 2 +- .../71493c8b-3014-404c-9802-078b74496fb7.md | 2 +- .../73980e43-f399-4fcc-a373-658228f7adf7.md | 2 +- .../73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md | 2 +- .../74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md | 2 +- .../75be209d-1948-41f6-a8c8-e22dd0121134.md | 2 +- .../76ddf32c-85b1-4808-8935-7eef8030ab36.md | 2 +- .../7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md | 2 +- .../77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md | 2 +- .../78055456-f670-4d2e-94d5-392d1cf4f5e4.md | 2 +- .../783860a3-6dca-4c8b-81d0-7b62769ccbca.md | 2 +- .../79d745f0-d5f3-46db-9504-bef73e9fd528.md | 2 +- .../7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md | 2 +- .../7f65be75-90ab-4036-8c2a-410aef7bb650.md | 2 +- .../7f8843f0-9ea5-42b4-a02b-753055113195.md | 2 +- .../7f8f1b60-43df-4c28-aa21-fb836dbd8071.md | 2 +- .../7fd0d461-5b8c-4815-898c-f2b4b117eb28.md | 2 +- .../800fa019-49dd-421b-9042-7331fdd83fa2.md | 2 +- .../80908a75-586b-4c61-ab04-490f4f4525b8.md | 2 +- .../809f77f8-d10e-4842-a84f-3be7b6ff1190.md | 2 +- .../80b7ac3f-d2b7-4577-9b10-df7913497162.md | 2 +- .../80d45af4-4920-4236-a56e-b7ef419d1941.md | 2 +- .../818f38ed-8446-4132-9c03-474d49e10195.md | 2 +- .../8275fab0-68ec-4705-bbf4-86975edb170e.md | 2 +- .../829ce3b8-065c-41a3-ad57-e0accfea82d2.md | 2 +- .../835d5497-a526-4aea-a23f-98a9afd1635f.md | 2 +- .../837e033c-4717-40bd-807e-6abaa30161b7.md | 2 +- .../85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md | 2 +- .../860ba89b-b8de-4e72-af54-d6aee4138a69.md | 2 +- .../86a248ab-0e01-4564-a82a-878303e253bb.md | 2 +- .../87482183-a8e7-4e42-a566-7a23ec231c16.md | 2 +- .../88d55d94-315d-4564-beee-d2d725feab11.md | 2 +- .../89827c57-5a8a-49eb-9731-976a606d70db.md | 2 +- .../8a6d36cd-0bc6-42b7-92c4-67acc8576861.md | 2 +- .../8c415f6f-7b90-4a27-a44a-51047e1506f9.md | 2 +- .../8d29754a-2a18-460d-a1ba-9509f8d359da.md | 2 +- .../8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md | 2 +- .../8df8e857-bd59-44fa-9f4c-d77594b95b46.md | 2 +- .../8f957abd-9703-413d-87d3-c578950a753c.md | 2 +- .../9025b2b3-e554-4842-ba87-db7aeec36d35.md | 2 +- .../90501b1b-cded-4cc1-9e8b-206b85cda317.md | 2 +- .../9488c451-074e-4cd3-aee3-7db6104f542c.md | 2 +- .../953b3cdb-ce13-428a-aa12-318726506661.md | 2 +- .../9564406d-e761-4e61-b8d7-5926e3ab8e79.md | 2 +- .../97e94d17-e2c7-4109-a53b-6536ac1bb64e.md | 2 +- .../9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md | 2 +- .../9b83114b-b2a1-4534-990d-06da015e47aa.md | 2 +- .../9c7028d9-04c2-45be-b8b2-1188ccaefb36.md | 2 +- .../9d13b150-a2ab-42a1-b6f4-142e41f81e52.md | 2 +- .../9e8c89b3-7997-4d15-93e4-7911b9db99fd.md | 2 +- .../9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md | 2 +- .../9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md | 2 +- .../9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md | 2 +- .../a0ae0a4e-712b-4115-8112-51b9eeed9d69.md | 2 +- .../a227ec01-f97a-4084-91a4-47b350c1db54.md | 2 +- .../a25cd877-375c-4121-a640-730929936fac.md | 2 +- .../a2f2800e-614b-4bc8-89e6-fec8afd24800.md | 2 +- .../a3aa0087-8228-4e7e-b202-dc9036972d02.md | 2 +- .../a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md | 2 +- .../a478af30-8c3a-404d-aa64-0b673cee509a.md | 2 +- .../a5366a50-932f-4085-896b-41402714a388.md | 2 +- .../a58d1a2d-4078-4b80-855b-84cc3f7f4540.md | 2 +- .../a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md | 2 +- .../a7f8ac28-eed1-483d-87c8-4c325f022572.md | 2 +- .../a964d6e3-8e1e-4d93-8120-61fa640dd55a.md | 2 +- .../a976d63f-af0e-46e8-b714-8c1a9c4bf768.md | 2 +- .../ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md | 2 +- .../acc78859-765e-4011-a229-a65ea57db252.md | 2 +- .../ad21e616-5026-4b9d-990d-5b007bfe679c.md | 2 +- .../ad7444cf-817a-4765-a79e-2145f7981faf.md | 2 +- .../adcd0082-e90b-4b63-862b-21899f6e6a48.md | 2 +- .../ae03f542-1423-402f-9cef-c834e7ee9583.md | 2 +- .../ae53ce91-42b5-46bf-a84f-9a13366a4f13.md | 2 +- .../b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md | 2 +- .../b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md | 2 +- .../b3de4e4c-14be-4159-b99d-9ad194365e4c.md | 2 +- .../b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md | 2 +- .../b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md | 2 +- .../b7063015-6c31-4658-a8e7-14f98f37fd42.md | 2 +- .../ba766c53-fe71-4bbb-be35-b6803f2ef13e.md | 2 +- .../bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md | 2 +- .../be5b230d-4371-4a28-a441-85dc760e2aa3.md | 2 +- .../be96849c-3df6-49c2-bc16-778a7be2519c.md | 2 +- .../bf4473f1-c8a2-4b1b-8134-bd32efabab93.md | 2 +- .../bf89373a-be40-4c04-99f5-746742dfd7f3.md | 2 +- .../c1282e03-b285-4637-aee7-eefe3a7bb658.md | 2 +- .../c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md | 2 +- .../c333e906-8d8b-4275-b999-78b6318f8dc6.md | 6 +- .../c3ce69fd-e3df-49c6-be78-1db3f802261c.md | 2 +- .../c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md | 2 +- .../c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md | 2 +- .../c689f51b-9203-43b3-9d8b-caed123f706c.md | 2 +- .../c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md | 2 +- .../c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md | 2 +- .../c8dee387-a2e6-4a73-a942-183c975549ac.md | 2 +- .../c9846969-d066-431f-9b34-8c4abafe422a.md | 2 +- .../cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md | 2 +- .../cc8b294f-006f-4f8f-b5bb-0a9140c33131.md | 2 +- .../cdbb0467-2957-4a77-9992-7b55b29df7b7.md | 2 +- .../cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md | 2 +- .../d24389b4-b209-4ff0-8345-dc7a4569dcdd.md | 2 +- .../d53323be-dde6-4457-9a43-42df737e71d2.md | 2 +- .../d6653eee-2d4d-4e6a-976f-6794a497999a.md | 2 +- .../d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md | 2 +- .../d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md | 2 +- .../d926aa95-0a04-4abc-b20c-acf54afe38a1.md | 2 +- .../da905474-7454-43c0-b8d2-5756ab951aba.md | 2 +- .../dae9c373-8287-462f-8746-6f93dad93610.md | 2 +- .../dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md | 2 +- .../dc1ab429-1481-4540-9b1d-280e3f15f1f8.md | 2 +- .../ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md | 2 +- .../de38e1d5-54cb-4111-a868-6f7722695007.md | 2 +- .../de76a0d6-66d5-45c9-9022-f05545b85c78.md | 2 +- .../de77cd9f-0e8b-46cc-b4a4-b6b436838642.md | 2 +- .../dfb56e5d-ee68-446e-b32a-657b62befe69.md | 2 +- .../e200a6f3-c589-49ec-9143-7421d4a2c845.md | 2 +- .../e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md | 2 +- .../e4239438-e639-44aa-adb8-866e400e3ade.md | 2 +- .../e42a3ef0-5325-4667-84bf-075ba1c9d58e.md | 2 +- .../e4ee3903-9225-4b6a-bdfb-e62dbadef821.md | 2 +- .../e4f54ff4-d352-40e8-a096-5141073c37a2.md | 2 +- .../e519ed6a-8328-4b69-8eb7-8fa549ac3050.md | 2 +- .../e52395b4-250b-4c60-81d5-2e58c1d37abc.md | 2 +- .../e649a218-d099-4550-86a4-1231e1fcb60d.md | 2 +- .../e835bd0d-65da-49f7-b6d1-b646da8727e6.md | 2 +- .../ea33fcf7-394b-4d11-a228-985c5d08f205.md | 2 +- .../ed4c48b8-eccc-4881-95c1-09fdae23db25.md | 2 +- .../edbd62d4-8700-41de-b000-b3cfebb5e996.md | 2 +- .../edc95c10-7366-4f30-9b4b-f995c84eceb5.md | 2 +- .../ee12ad32-2863-4c0f-b13f-28272d115028.md | 2 +- .../ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md | 2 +- .../ef05a925-8568-4054-8ff1-f5ba82631c16.md | 2 +- .../f0104061-8bfc-4b45-8a7d-630eb502f281.md | 2 +- .../f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md | 4 +- .../f57f849c-883b-4cb7-85e7-f7b199dff163.md | 2 +- .../f6049677-ec4a-43af-8779-5190b6d03cba.md | 2 +- .../f62aa827-4ade-4dc4-89e4-1433d384a368.md | 2 +- .../f6397a20-4cf1-4540-a997-1d363c25ef58.md | 2 +- .../f6d299d2-21eb-41cc-b1e1-fe12d857500b.md | 2 +- .../f80e3aa7-7b34-4185-954e-440a6894dde6.md | 2 +- .../f914357d-8386-4d56-9ba6-456e5723f9a6.md | 2 +- .../f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md | 2 +- .../f988a17f-1139-46a3-8928-f27eafd8b024.md | 2 +- .../faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md | 2 +- .../fb2b0ecf-1492-491a-a70d-ba1df579175d.md | 2 +- .../fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md | 2 +- .../fcbf9019-566c-4832-a65c-af00d8137d2b.md | 2 +- .../fe974ae9-858e-4991-bbd5-e040a834679f.md | 2 +- .../ffee2785-c347-451e-89f3-11aeb08e5c84.md | 2 +- .../a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md | 270 +++++++++--------- .../0c7a76d9-7dc5-499e-81ac-9245839177cb.md | 2 +- .../255b0fcc-9f82-41fe-9229-01b163e3376b.md | 2 +- .../6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md | 2 +- .../72840c35-3876-48be-900d-f21b2f0c2ea1.md | 2 +- .../7b590235-1ff4-421b-b9ff-5227134be9bb.md | 2 +- .../83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md | 2 +- .../9296f1cc-7a40-45de-bd41-f31745488a0e.md | 2 +- .../934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md | 2 +- .../a507daa5-0795-4380-960b-dd7bb7c56661.md | 2 +- .../bdecd6db-2600-47dd-a10c-72c97cf17ae9.md | 2 +- .../d9dc6429-5140-498a-8f55-a10daac5f000.md | 2 +- .../dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md | 2 +- .../e50eb68a-a4af-4048-8bbe-8ec324421469.md | 2 +- .../e6cd49ba-77ed-417f-9bca-4f5303554308.md | 2 +- .../6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md | 2 +- .../b2418936-cd47-4ea2-8346-623c0bdb87bd.md | 2 +- .../6c2d627c-de0f-45fb-b33d-dad9bffbb421.md | 2 +- .../b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md | 2 +- .../071a71ff-f868-47a4-ac0b-3c59e4ab5443.md | 2 +- .../1c1325ff-831d-43a1-973e-839ae57dfcc0.md | 9 +- .../221e0658-cb2a-44e3-b08a-db96a341d6fa.md | 2 +- .../27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md | 2 +- .../2fc99041-ddad-49d5-853f-e35e70a48391.md | 2 +- .../404fde2c-bc4b-4371-9747-7054132ac953.md | 4 +- .../451d79dc-0588-476a-ad03-3c7f0320abb3.md | 2 +- .../4d9f44c6-2f4a-4317-9bb5-267adbea0232.md | 2 +- .../4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md | 2 +- .../610e266e-6c12-4bca-9925-1ed0cd29742b.md | 2 +- .../698ed579-b239-4f8f-a388-baa4bcb13ef8.md | 2 +- .../6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md | 2 +- .../8af7162d-6c98-482f-868e-0d33fb675ca8.md | 2 +- .../8c978947-0ff6-485c-b0c2-0bfca6026466.md | 2 +- .../ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md | 2 +- .../baa3890f-bed7-46f5-ab8f-1da8fc91c729.md | 2 +- .../baa452f0-1f21-4a25-ace5-844e7a5f410d.md | 2 +- .../bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md | 2 +- .../bc2908f3-f73c-40a9-8793-c1b7d5544f79.md | 2 +- .../ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md | 2 +- .../d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md | 2 +- .../1239f54b-33de-482a-8132-faebe288e6a6.md | 2 +- .../227c2f58-70c6-4432-8e9a-a89c1a548cf5.md | 2 +- .../268c65a8-58ad-43e4-9019-1a9bbc56749f.md | 2 +- .../28727987-e398-49b8-aef1-8a3e7789d111.md | 2 +- .../313d6deb-3b67-4948-b41d-35b699c2492e.md | 2 +- .../48c61fbd-09c9-46cc-a521-012e0c325412.md | 2 +- .../50cb6c3b-c878-4b88-b50e-d1421bada9e8.md | 2 +- .../62c8cf50-87f0-4295-a974-8184ed78fe02.md | 2 +- .../63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md | 2 +- .../660360d3-9ca7-46d1-b147-3acc4002953f.md | 2 +- .../6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md | 2 +- .../6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md | 2 +- .../77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md | 2 +- .../7c98538a-81c6-444b-bf04-e60bc3ceeec0.md | 2 +- .../7ef7d141-9fbb-4679-a977-fd0883436906.md | 2 +- .../8212e2d7-e683-49bc-bf78-d6799075c5a7.md | 2 +- .../83103dff-d57f-42a8-bd81-40abab64c1a7.md | 2 +- .../8810968b-4b15-421d-918b-d91eb4bb8d1d.md | 2 +- .../9038b526-4c19-4928-bca2-c03d503bdb79.md | 2 +- .../95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md | 2 +- .../9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md | 2 +- .../a21b8df3-c840-4b3d-a41a-10fb2afda171.md | 2 +- .../a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md | 2 +- .../ad0875c1-0b39-4890-9149-173158ba3bba.md | 2 +- .../bbfc97ab-e92a-4a7b-954c-e88cec815011.md | 2 +- .../c47f90e8-4a19-43f0-8413-cc434d286c4e.md | 2 +- .../c759d6f2-4dd3-4160-82d3-89202ef10d87.md | 2 +- .../c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md | 2 +- .../dbe058d7-b82e-430b-8426-992b2e4677e7.md | 2 +- .../dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md | 2 +- .../dd690686-2bf9-4012-a821-f61912dd77be.md | 2 +- .../dee21308-2a7a-49de-8ff7-c9b87e188575.md | 2 +- .../df58d46c-783b-43e0-bdd0-d99164f712ee.md | 2 +- .../e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md | 2 +- .../fc040fb6-4c23-4c0d-b12a-39edac35debb.md | 2 +- .../daaace5f-c0dc-4835-b526-7a116b7f4b4e.md | 2 +- .../e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md | 2 +- .../02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md | 2 +- .../03aabc8c-35d6-481e-9c85-20139cf72d23.md | 2 +- .../0401f71b-9c1e-4821-ab15-a955caa621be.md | 2 +- .../056ac60e-fe07-4acc-9b34-8e1d51716ab9.md | 2 +- .../05fb986f-ac73-4ebb-a5b2-7faafa93d882.md | 2 +- .../075ca296-6768-4322-aea2-ba5063b969a9.md | 2 +- .../09bb9e96-8da3-4736-b89a-b36814acca60.md | 2 +- .../10efce34-5af6-4d83-b414-9e096d5a06a9.md | 2 +- .../1123031a-f921-4c5b-bd86-ef354ecfd37a.md | 2 +- .../13a49a2e-488e-4309-a7c0-d6b05577a5fb.md | 2 +- .../14abda69-8e91-4acb-9931-76e2bee90284.md | 2 +- .../1828a670-5957-4bc5-9974-47da228f75e2.md | 2 +- .../192fe40b-b1c3-448a-aba2-6cc19a300fe3.md | 2 +- .../19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md | 2 +- .../1a07a446-8e61-4e4d-bc16-b0781fcb8211.md | 2 +- .../1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md | 2 +- .../1acd93f1-5a37-45c0-aaac-82ece818be7d.md | 2 +- .../1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md | 2 +- .../1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md | 2 +- .../1de5cc51-f376-4638-a940-20f2e85ae238.md | 2 +- .../1e749bc9-fde8-471c-af0c-8254efd2dee5.md | 2 +- .../1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md | 2 +- .../2270987f-bb51-479f-b8be-3ca73e5ad648.md | 2 +- .../229588ef-8fde-40c8-8756-f4f2b5825ded.md | 2 +- .../235236ee-ad78-4065-bd29-61b061f28ce0.md | 2 +- .../249328b8-5f0f-409f-b1dd-029f07882e11.md | 2 +- .../26763a1c-5dda-4772-b507-5fca7fb5f165.md | 2 +- .../268ca686-7fb7-4ae9-b129-955a2a89064e.md | 2 +- .../2940d48a-dc5e-4178-a3f8-bfbd80720b41.md | 2 +- .../2b1836f1-dcce-416e-8e16-da8c71920633.md | 2 +- .../2f491173-6375-4a84-b28e-a4e2b9a58a69.md | 2 +- .../2f652c42-619d-4361-b361-9f599688f8ca.md | 2 +- .../302736f4-b16c-41b8-befe-c0baffa0bd9d.md | 2 +- .../32ecd76e-7bbf-402e-bf48-8b9485749558.md | 2 +- .../33fc6923-6553-4fe6-9d3a-4efa51eb874b.md | 2 +- .../35c0a471-f7c8-4993-aa2c-503a3c712a66.md | 2 +- .../36a27826-1bf5-49da-aeb0-a60a30c0e834.md | 2 +- .../3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md | 2 +- .../38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md | 2 +- .../3ca03a61-3249-4c16-8427-6f8e47dda729.md | 2 +- .../3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md | 2 +- .../3d658f8b-d988-41a0-a841-40043121de1e.md | 2 +- .../3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md | 2 +- .../46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md | 2 +- .../48471392-d4d0-47c0-b135-cdec95eb3eef.md | 2 +- .../48a5beba-e4c0-4584-a2aa-e6894e4cf424.md | 2 +- .../49113af4-29ca-458e-b8d4-724c01a4a24f.md | 2 +- .../4a20ebac-1060-4c81-95d1-1f7f620e983b.md | 2 +- .../4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md | 2 +- .../4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md | 2 +- .../510d5810-9a30-443a-817d-5c1fa527b110.md | 2 +- .../52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md | 2 +- .../5308a7a8-06f8-45ac-bf10-791fe21de46e.md | 2 +- .../5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md | 2 +- .../5744cbb8-5946-4b75-a196-ade44449525b.md | 2 +- .../583053b7-e632-46f0-b989-f81ff8045385.md | 2 +- .../591ade62-d6b0-4580-b1ae-209f80ba1cd9.md | 2 +- .../592ad21d-ad9b-46c6-8d2d-fad09d62a942.md | 2 +- .../5da47109-f8d6-4585-9e2b-96a8958a12f5.md | 2 +- .../5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md | 2 +- .../611ab018-c4aa-4ba2-b0f6-a448337509a6.md | 2 +- .../69bbc5e3-0818-4150-89cc-1e989b48f23b.md | 2 +- .../6a68bebe-c021-492e-8ddb-55b0567fb768.md | 2 +- .../6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md | 2 +- .../6b896afb-ca07-467a-b256-1a0077a1c08e.md | 2 +- .../6cf42c97-facd-4fda-b8af-ea4529123355.md | 2 +- .../6d173be7-545a-46c6-a81d-2ae52ed1605d.md | 2 +- .../7307579a-3abb-46ad-9ce5-2a915634d5c8.md | 2 +- .../73e251f0-363d-4e53-86e2-0a93592437eb.md | 2 +- .../768aab52-2504-4a2f-a3e3-329d5a679848.md | 2 +- .../7c81d34c-8e5a-402b-9798-9f442630e678.md | 2 +- .../80f93444-b240-4ebb-a4c6-5c40b76c04ea.md | 2 +- .../8320826e-7a9c-4b0b-9535-578333193432.md | 2 +- .../845acfbe-3e10-4b8e-b656-3b404d36dfb2.md | 2 +- .../85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md | 2 +- .../87554eef-154d-411d-bdce-9dbd91e56851.md | 2 +- .../895a5a95-3756-4b04-9924-2f3bc93181bd.md | 2 +- .../8b36775e-183d-4d46-b0f7-96a6f34a723f.md | 2 +- .../8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md | 2 +- .../8cf4671a-cf3d-46fc-8389-21e7405063a2.md | 2 +- .../9127f0d9-2310-42e7-866f-5fd9d20dcbad.md | 2 +- .../91dacd0e-d189-4a9c-8272-5999a3cc32d9.md | 2 +- .../9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md | 2 +- .../94b76ea5-e074-4ca2-8a03-c5a606e30645.md | 2 +- .../9587c890-0524-40c2-9ce2-663af7c2f063.md | 2 +- .../98ce8b81-7707-4734-aa39-627c6db3d84b.md | 2 +- .../9f85c3f6-26fd-4007-938a-2e0cb0100980.md | 2 +- .../a31b7b82-d994-48c4-bd21-3bab6c31827a.md | 2 +- .../a33e9173-b674-4dfb-9d82-cf3754816e4b.md | 2 +- .../a5530bd7-225a-48f9-91bb-f40b04200165.md | 2 +- .../a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md | 2 +- .../a6f34658-fdfb-4154-9536-56d516f65828.md | 2 +- .../a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md | 2 +- .../a97a340a-0063-418e-b3a1-3028941d0995.md | 2 +- .../a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md | 4 +- .../aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md | 2 +- .../ade74944-a674-4e00-859e-c6eab5bde441.md | 2 +- .../ae8827e2-4af9-4baa-9998-87539ae0d6f0.md | 2 +- .../afa36afb-39fe-4d94-b9b6-afb236f7a03d.md | 2 +- .../b14d1bc4-a208-45db-92f0-e21f8e2588e9.md | 2 +- .../b23e9b98-0cb6-4fc9-b257-1f3270442678.md | 2 +- .../b7652612-de4e-4466-a0bf-1cd81f0c6063.md | 2 +- .../b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md | 2 +- .../b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md | 2 +- .../b9380fd3-5ffe-4d10-9290-13e18e71eee1.md | 2 +- .../b9c83569-459b-4110-8f79-6305aa33cb37.md | 2 +- .../bb241e61-77c3-4b97-9575-c0f8a1e008d0.md | 2 +- .../bf36b900-b5ef-4828-adb7-70eb543b7cfb.md | 2 +- .../c1032cf7-3628-44e2-bd53-38c17cf31b6b.md | 2 +- .../c48e57d3-d642-4e0b-90db-37f807b41b91.md | 2 +- .../c589f42c-7924-4871-aee2-1cede9bc7cbc.md | 2 +- .../ca469dd4-c736-448f-8ac1-30a642705e0a.md | 2 +- .../caa3479d-885d-4882-9aac-95e5e78ef5c2.md | 2 +- .../caa93370-791f-4fc6-814b-ba6ce0cb4032.md | 2 +- .../cb7e695d-6a85-495c-b15f-23aed2519303.md | 2 +- .../cbd2db69-0b21-4c14-8a40-7710a50571a9.md | 2 +- .../ccc98ff7-68a7-436e-9218-185cb0b0b780.md | 2 +- .../cd290efd-6c82-4e9d-a698-be12ae31d536.md | 2 +- .../cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md | 2 +- .../ce30e584-b33f-4c7d-b418-a3d7027f8f60.md | 2 +- .../cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md | 2 +- .../d2ad057f-0928-41ef-a83c-f59203bb855b.md | 2 +- .../d45330fd-f58d-45fb-a682-6481477a0f84.md | 2 +- .../d740d048-8ed3-49d3-b77b-6f072f3b669e.md | 2 +- .../d89a15bb-8dba-4c71-9529-bef6729b9c09.md | 2 +- .../da9f3aa8-fbfb-472f-b5a1-576127944218.md | 2 +- .../dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md | 2 +- .../dbbc6705-d541-43b0-b166-dd4be8208b54.md | 2 +- .../dd29336b-fe57-445b-a26e-e6aa867ae609.md | 2 +- .../de4421f1-4e35-43b4-9783-737dd4e4a47e.md | 2 +- .../e0099af2-fe17-411f-9991-0de28fe15f3c.md | 2 +- .../e0e00aba-5f1c-4981-a542-9a9563c0ee20.md | 2 +- .../e17fa86a-6222-4584-a914-56e8f6c87e06.md | 2 +- .../e3aa0612-4351-4a0d-983f-aefea25cf203.md | 2 +- .../e84eaf4d-2f45-47b2-abe8-e581b06deb66.md | 2 +- .../ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md | 2 +- .../ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md | 2 +- .../f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md | 2 +- .../f377b83e-bd07-4f48-a591-60c82b14a78b.md | 2 +- .../f922827f-aab6-447c-832a-e1ff63312bd3.md | 2 +- .../fa4def8c-1898-4a35-a139-7b76b1acdef0.md | 2 +- .../fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md | 2 +- docs/queries/openapi-queries.md | 142 ++++----- .../00b78adf-b83f-419c-8ed8-c6018441dd3a.md | 2 +- .../013bdb4b-9246-4248-b0c3-7fb0fee42a29.md | 2 +- .../015eac96-6313-43c0-84e5-81b1374fa637.md | 8 +- .../0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md | 2 +- .../03856cb2-e46c-4daf-bfbf-214ec93c882b.md | 2 +- .../05505192-ba2c-4a81-9b25-dcdbcc973746.md | 2 +- .../06764426-3c56-407e-981f-caa25db1c149.md | 2 +- .../0b76d993-ee52-43e0-8b39-3787d2ddabf1.md | 2 +- .../0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md | 4 +- .../0de50145-e845-47f4-9a15-23bcf2125710.md | 2 +- .../0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md | 2 +- .../105e20dd-8449-4d71-95c6-d5dac96639af.md | 2 +- .../10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md | 2 +- .../12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md | 2 +- .../151331e2-11f4-4bb6-bd35-9a005e695087.md | 2 +- .../181bd815-767e-4e95-a24d-bb3c87328e19.md | 2 +- .../1908a8ee-927d-4166-8f18-241152170cc1.md | 2 +- .../1a1aea94-745b-40a7-b860-0702ea6ee636.md | 2 +- .../1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md | 2 +- .../20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md | 2 +- .../20cb3159-b219-496b-8dac-54ae3ab2021a.md | 2 +- .../221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md | 2 +- .../237402e2-c2f0-46c9-9cf5-286160cf7bfc.md | 2 +- .../23a9e2d9-8738-4556-a71c-2802b6ffa022.md | 4 +- .../2596545e-1757-4ff7-a15a-8a9a180a42f3.md | 2 +- .../26f06397-36d8-4ce7-b993-17711261d777.md | 2 +- .../274f910a-0665-4f08-b66d-7058fe927dba.md | 2 +- .../281b8071-6226-4a43-911d-fec246d422c2.md | 2 +- .../2bd608ae-8a1f-457f-b710-c237883cb313.md | 2 +- .../2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md | 2 +- .../2d6646f4-2946-420f-8c14-3232d49ae0cb.md | 2 +- .../2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md | 2 +- .../2da46be4-4317-4650-9285-56d7103c4f93.md | 2 +- .../2e275f16-b627-4d3f-ae73-a6153a23ae8f.md | 8 +- .../2e44e632-d617-43cb-b294-6bfe72a08938.md | 2 +- .../2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md | 2 +- .../2ea04bef-c769-409e-9179-ee3a50b5c0ac.md | 2 +- .../31dd6fc0-f274-493b-9614-e063086c19fc.md | 2 +- .../332cf2ad-380d-4b90-b436-46f8e635cf38.md | 2 +- .../33d96c65-977d-4c33-943f-440baca49185.md | 2 +- .../37140f7f-724a-4c87-a536-e9cee1d61533.md | 2 +- .../376c9390-7e9e-4cb8-a067-fd31c05451fd.md | 8 +- .../3847280c-9193-40bc-8009-76168e822ce2.md | 2 +- .../3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md | 2 +- .../39cb32f2-3a42-4af0-8037-82a7a9654b6c.md | 2 +- .../3a01790c-ebee-4da6-8fd3-e78657383b75.md | 2 +- .../3b066059-f411-4554-ac8d-96f32bff90da.md | 2 +- .../3b497874-ae59-46dd-8d72-1868a3b8f150.md | 2 +- .../3b615f00-c443-4ba9-acc4-7c308716917d.md | 2 +- .../3ba0cca1-b815-47bf-ac62-1e584eb64a05.md | 2 +- .../3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md | 2 +- .../3fb03214-25d4-4bd4-867c-c2d8d708a483.md | 2 +- .../40d3df21-c170-4dbe-9c02-4289b51f994f.md | 2 +- .../40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md | 2 +- .../4190dda7-af03-4cf0-a128-70ac1661ca09.md | 2 +- .../429b2106-ba37-43ba-9727-7f699cc611e1.md | 2 +- .../462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md | 4 +- .../46facedc-f243-4108-ab33-583b807d50b0.md | 2 +- .../48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md | 2 +- .../4bcbcd52-3028-469f-bc14-02c7dbba2df2.md | 2 +- .../4cac7ace-b0fb-477d-830d-65395d9109d9.md | 2 +- .../4cd8de87-b595-48b6-ab3c-1904567135ab.md | 2 +- .../500ce696-d501-41dd-86eb-eceb011a386f.md | 2 +- .../50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md | 2 +- .../52c0d841-60d6-4a81-88dd-c35fef36d315.md | 2 +- .../543e38f4-1eee-479e-8eb0-15257013aa0a.md | 2 +- .../561710b1-b845-4562-95ce-2397a05ccef4.md | 2 +- .../58f06434-a88c-4f74-826c-db7e10cc7def.md | 2 +- .../5915c20f-dffa-4cee-b5d4-f457ddc0151a.md | 2 +- .../59c2f769-7cc2-49c8-a3de-4e211135cfab.md | 2 +- .../5aea1d7e-b834-4749-b143-2c7ec3bd5922.md | 2 +- .../5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md | 2 +- .../5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md | 2 +- .../60b5f56b-66ff-4e1c-9b62-5753e16825bc.md | 2 +- .../60fb6621-9f02-473b-9424-ba9a825747d3.md | 2 +- .../663c442d-f918-4f62-b096-0bf5dcbeb655.md | 2 +- .../68e5fcac-390c-4939-a373-6074b7be7c71.md | 2 +- .../6952a7e0-6e48-4285-bbc1-27c64e60f888.md | 2 +- .../698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md | 2 +- .../6998389e-66b2-473d-8d05-c8d71ac4d04d.md | 2 +- .../69d7aefd-149d-47b8-8d89-1c2181a8067b.md | 2 +- .../6a2c219f-da5e-4745-941e-5ea8cde23356.md | 8 +- .../6b76f589-9713-44ab-97f5-59a3dba1a285.md | 2 +- .../6c35d2c6-09f2-4e5c-a094-e0e91327071d.md | 2 +- .../6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md | 2 +- .../72d259ca-9741-48dd-9f62-eb11f2936b37.md | 2 +- .../73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md | 2 +- .../750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md | 2 +- .../750f6448-27c0-49f8-a153-b81735c1e19c.md | 2 +- .../77276d82-4f45-4cf1-8e2b-4d345b936228.md | 2 +- .../773116aa-2e6d-416f-bd85-f0301cc05d76.md | 2 +- .../7a01dfbd-da62-4165-aed7-71349ad42ab4.md | 8 +- .../7f203940-39c4-4ea7-91ee-7aba16bca9e2.md | 2 +- .../7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md | 2 +- .../801f0c6a-a834-4467-89c6-ddecffb46b5a.md | 8 +- .../815021c8-a50c-46d9-b192-24f71072c400.md | 2 +- .../84c826c9-1893-4b34-8cdd-db97645b4bf3.md | 2 +- .../86b1fa30-9790-4980-994d-a27e0f6f27c1.md | 2 +- .../86e3702f-c868-44b2-b61d-ea5316c18110.md | 2 +- .../881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md | 2 +- .../8aee4754-970d-4c5f-8142-a49dfe388b1a.md | 2 +- .../8af270ce-298b-4405-9922-82a10aee7a4f.md | 2 +- .../8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md | 2 +- .../8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md | 2 +- .../8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md | 2 +- .../8c84f75e-5048-4926-a4cb-33e7b3431300.md | 2 +- .../8d0921d6-4131-461f-a253-99e873f8f77e.md | 2 +- .../8db5544e-4874-4baa-9322-e9f75a2d219e.md | 2 +- .../8fe1846f-52cc-4413-ace9-1933d7d23672.md | 2 +- .../9239c289-9e4c-4d92-8be1-9d506057c971.md | 2 +- .../962fa01e-b791-4dcc-b04a-4a3e7389be5e.md | 2 +- .../9670f240-7b4d-4955-bd93-edaa9fa38b58.md | 2 +- .../96729c6b-7400-4d9e-9807-17f00cdde4d2.md | 2 +- .../96beb800-566f-49a9-a0ea-dbdf4bc80429.md | 2 +- .../98295b32-ec09-4b5b-89a9-39853197f914.md | 8 +- .../990eaf09-d6f1-4c3c-b174-a517b1de8917.md | 2 +- .../9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md | 4 +- .../9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md | 2 +- .../9d967a2b-9d64-41a6-abea-dfc4960299bd.md | 2 +- .../9f88c88d-824d-4d9a-b985-e22977046042.md | 2 +- .../a0bf7382-5d5a-4224-924c-3db8466026c9.md | 2 +- .../a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md | 2 +- .../a4247b11-890b-45df-bf42-350a7a3af9be.md | 2 +- .../a46928f1-43d7-4671-94e0-2dd99746f389.md | 2 +- .../a4dd69b8-49fa-45d2-a060-c76655405b05.md | 2 +- .../a5375be3-521c-43bb-9eab-e2432e368ee4.md | 2 +- .../a599b0d1-ff89-4cb8-9ece-9951854c06f6.md | 2 +- .../a6847dc6-f4ea-45ac-a81f-93291ae6c573.md | 2 +- .../a68da022-e95a-4bc2-97d3-481e0bd6d446.md | 2 +- .../a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md | 2 +- .../a9228976-10cf-4b5f-b902-9e962aad037a.md | 2 +- .../a92be1d5-d762-484a-86d6-8cd0907ba100.md | 2 +- .../a96bbc06-8cde-4295-ad3c-ee343a7f658e.md | 2 +- .../ab1263c2-81df-46f0-9f2c-0b62fdb68419.md | 2 +- .../ab2af219-cd08-4233-b5a1-a788aac88b51.md | 2 +- .../ae13a37d-943b-47a7-a970-83c8598bcca3.md | 2 +- .../aecee30b-8ea1-4776-a99c-d6d600f0862f.md | 2 +- .../b05bb927-2df5-43cc-8d7b-6825c0e71625.md | 2 +- .../b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md | 2 +- .../b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md | 2 +- .../b2f275be-7d64-4064-b418-be6b431363a7.md | 2 +- .../b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md | 4 +- .../b3871dd8-9333-4d6c-bd52-67eb898b71ab.md | 2 +- .../b4803607-ed72-4d60-99e2-3fa6edf471c6.md | 2 +- .../b481d46c-9c61-480f-86d9-af07146dc4a4.md | 2 +- .../b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md | 2 +- .../b9db8a10-020c-49ca-88c6-780e5fdb4328.md | 2 +- .../ba066cda-e808-450d-92b6-f29109754d45.md | 2 +- .../ba239cb9-f342-4c20-812d-7b5a2aa6969e.md | 2 +- .../baade968-7467-41e4-bf22-83ca222f5800.md | 2 +- .../bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md | 2 +- .../bccfa089-89e4-47e0-a0e5-185fe6902220.md | 2 +- .../be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md | 2 +- .../be1d8733-3731-40c7-a845-734741c6871d.md | 2 +- .../be3e170e-1572-461e-a8b6-d963def581ec.md | 4 +- .../c19779a9-5774-4d2f-a3a1-a99831730375.md | 2 +- .../c254adc4-ef25-46e1-8270-b7944adb4198.md | 2 +- .../c38d630d-a415-4e3e-bac2-65475979ba88.md | 2 +- .../c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md | 2 +- .../c5bb7461-aa57-470b-a714-3bc3d74f4669.md | 2 +- .../c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md | 2 +- .../ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md | 8 +- .../cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md | 2 +- .../ceefb058-8065-418f-9c4c-584a78c7e104.md | 2 +- .../cf4a5f45-a27b-49df-843a-9911dbfe71d4.md | 2 +- .../d15db953-a553-4b8a-9a14-a3d62ea3d79d.md | 2 +- .../d172a060-8569-4412-8045-3560ebd477e8.md | 2 +- .../d2361d58-361c-49f0-9e50-b957fd608b29.md | 2 +- .../d3ea644a-9a5c-4fee-941f-f8a6786c0470.md | 2 +- .../d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md | 2 +- .../d47940ca-5970-45cc-bdd1-4d81398cee1f.md | 2 +- .../d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md | 2 +- .../d674aea4-ba8b-454b-bb97-88a772ea33f0.md | 2 +- .../d86655c0-92f6-4ffc-b4d5-5b5775804c27.md | 2 +- .../d929c031-078f-4241-b802-e224656ad890.md | 2 +- .../dadc2f36-1f5a-46c0-8289-75e626583123.md | 2 +- .../e2ffa504-d22a-4c94-b6c5-f661849d2db7.md | 2 +- .../e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md | 2 +- .../e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md | 2 +- .../e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md | 2 +- .../eb3f9744-d24e-4614-b1ff-2a9514eca21c.md | 2 +- .../ed48229d-d43e-4da7-b453-5f98d964a57a.md | 2 +- .../f2702af5-6016-46cb-bbc8-84c766032095.md | 2 +- .../f29904c8-6041-4bca-b043-dfa0546b8079.md | 8 +- .../f30ee711-0082-4480-85ab-31d922d9a2b2.md | 2 +- .../f368dd2d-9344-4146-a05b-7c6faa1269ad.md | 2 +- .../f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md | 2 +- .../f525cc92-9050-4c41-a75c-890dc6f64449.md | 2 +- .../f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md | 2 +- .../f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md | 2 +- .../f985a7d2-d404-4a7f-9814-f645f791e46e.md | 2 +- .../fb7d81e7-4150-48c4-b914-92fc05da6a2f.md | 2 +- .../fb889ae9-2d16-40b5-b41f-9da716c5abc1.md | 6 +- .../fbf699b5-ef74-4542-9cf1-f6eeac379373.md | 2 +- .../95588189-1abd-4df1-9588-b0a5034f9e87.md | 2 +- .../00603add-7f72-448f-a6c0-9e456a7a3f94.md | 2 +- .../2ca87964-fe7e-4cdc-899c-427f0f3525f8.md | 2 +- .../327b0729-4c5c-4c44-8b5c-e476cd9c7290.md | 2 +- .../647de8aa-5a42-41b5-9faf-22136f117380.md | 2 +- .../9850d621-7485-44f7-8bdd-b3cf426315cf.md | 2 +- .../9b18fc19-7fb8-49b1-8452-9c757c70f926.md | 2 +- .../a1120ee4-a712-42d9-8fb5-22595fed643b.md | 2 +- .../abcefee4-a0c1-4245-9f82-a473f79a9e2f.md | 2 +- .../b6a7e0ae-aed8-4a19-a993-a95760bf8836.md | 2 +- .../bccb296f-362c-4b05-9221-86d1437a1016.md | 2 +- .../bf4b48b9-fc1f-4552-984a-4becdb5bf503.md | 2 +- .../d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md | 2 +- .../daa581ef-731c-4121-832d-cf078f67759d.md | 2 +- .../e93bbe63-a631-4c0f-b6ef-700d48441ff2.md | 2 +- .../f27791a5-e2ae-4905-8910-6f995c576d09.md | 2 +- .../49e30ac8-f58e-4222-b488-3dcb90158ec1.md | 2 +- .../cb8e4bf0-903d-45c6-a278-9a947d82a27b.md | 2 +- .../ee305555-6b1d-4055-94cf-e22131143c34.md | 2 +- .../48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md | 2 +- .../965e8830-2bec-4b9b-a7f0-24dbc200a68f.md | 2 +- .../0d7ef70f-e176-44e6-bdba-add3e429788d.md | 2 +- .../165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md | 2 +- .../434945e5-4dfd-41b1-aba1-47075ccd9265.md | 2 +- .../4495bc5d-4d1e-4a26-ae92-152d18195648.md | 2 +- .../4d424558-c6d1-453c-be98-9a7f877abd9a.md | 2 +- .../59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md | 2 +- .../a4d32883-aac7-42e1-b403-9415af0f3846.md | 2 +- .../d5d1fe08-89db-440c-8725-b93223387309.md | 2 +- .../dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md | 2 +- .../f99d3482-fa8c-4f79-bad9-35212dded164.md | 4 +- docs/queries/terraform-queries.md | 50 ++-- .../07fc3413-e572-42f7-9877-5c8fc6fccfb5.md | 2 +- .../0ad60203-c050-4115-83b6-b94bde92541d.md | 2 +- .../15d8a7fd-465a-4d15-a868-add86552f17b.md | 2 +- .../17172bc2-56fb-4f17-916f-a014147706cd.md | 2 +- .../17e52ca3-ddd0-4610-9d56-ce107442e110.md | 2 +- .../1e434b25-8763-4b00-a5ca-ca03b7abbb66.md | 2 +- .../21719347-d02b-497d-bda4-04a03c8e5b61.md | 2 +- .../21cef75f-289f-470e-8038-c7cee0664164.md | 2 +- .../228c4c19-feeb-4c18-848c-800ac70fdfb7.md | 2 +- .../23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md | 2 +- .../23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md | 2 +- .../24b132df-5cc7-4823-8029-f898e1c50b72.md | 2 +- .../26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md | 2 +- .../2a153952-2544-4687-bcc9-cc8fea814a9b.md | 2 +- .../2a52567c-abb8-4651-a038-52fa27c77aed.md | 2 +- .../2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md | 2 +- .../2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md | 2 +- .../3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md | 2 +- .../375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md | 2 +- .../38028698-e663-4ef7-aa92-773fef0ca86f.md | 2 +- .../3a81fc06-566f-492a-91dd-7448e409e2cd.md | 2 +- .../3f55386d-75cd-4e9a-ac47-167b26c04724.md | 2 +- .../420e6360-47bb-46f6-9072-b20ed22c842d.md | 2 +- .../455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md | 2 +- .../461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md | 2 +- .../48388bd2-7201-4dcc-b56d-e8a9efa58fad.md | 2 +- .../4950837c-0ce5-4e42-9bee-a25eae73740b.md | 2 +- .../4c415497-7410-4559-90e8-f2c8ac64ee38.md | 2 +- .../4e203a65-c8d8-49a2-b749-b124d43c9dc1.md | 2 +- .../4e74cf4f-ff65-4c1a-885c-67ab608206ce.md | 2 +- .../51bed0ac-a8ae-407a-895e-90c6cb0610ce.md | 2 +- .../522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md | 2 +- .../539e4557-d2b5-4d57-a001-cb01140a4e2d.md | 2 +- .../577ac19c-6a77-46d7-9f14-e049cdd15ec2.md | 2 +- .../587d5d82-70cf-449b-9817-f60f9bccb88c.md | 2 +- .../58876b44-a690-4e9f-9214-7735fa0dd15d.md | 2 +- .../59312e8a-a64e-41e7-a252-618533dd1ea8.md | 2 +- .../5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md | 2 +- .../5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md | 2 +- .../5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md | 2 +- .../5f4735ce-b9ba-4d95-a089-a37a767b716f.md | 2 +- .../60af03ff-a421-45c8-b214-6741035476fa.md | 2 +- .../6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md | 2 +- .../7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md | 2 +- .../737a0dd9-0aaa-4145-8118-f01778262b8a.md | 2 +- .../7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md | 2 +- .../826abb30-3cd5-4e0b-a93b-67729b4f7e63.md | 2 +- .../8657197e-3f87-4694-892b-8144701d83c1.md | 2 +- .../86a947ea-f577-4efb-a8b0-5fc00257d521.md | 2 +- .../87065ef8-de9b-40d8-9753-f4a4303e27a4.md | 2 +- .../953c0cc6-5f30-44cb-a803-bf4ef2571be8.md | 2 +- .../9aa32890-ac1a-45ee-81ca-5164e2098556.md | 2 +- .../a05331ee-1653-45cb-91e6-13637a76e4f0.md | 2 +- .../a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md | 2 +- .../a62a99d1-8196-432f-8f80-3c100b05d62a.md | 2 +- .../a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md | 2 +- .../a737be28-37d8-4bff-aa6d-1be8aa0a0015.md | 2 +- .../a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md | 2 +- .../a9a13d4f-f17a-491b-b074-f54bffffcb4a.md | 2 +- .../aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md | 2 +- .../abcb818b-5af7-4d72-aba9-6dd84956b451.md | 2 +- .../ac1564a3-c324-4747-9fa1-9dfc234dace0.md | 2 +- .../ad69e38a-d92e-4357-a8da-f2f29d545883.md | 2 +- .../05db341e-de7d-4972-a106-3e2bd5ee53e1.md | 2 +- .../063234c0-91c0-4ab5-bbd0-47ddb5f23786.md | 2 +- .../140869ea-25f2-40d4-a595-0c0da135114e.md | 2 +- .../1455cb21-1d48-46d6-8ae3-cef911b71fd5.md | 2 +- .../1b4565c0-4877-49ac-ab03-adebbccd42ae.md | 2 +- .../1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md | 2 +- .../2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md | 2 +- .../2b13c6ff-b87a-484d-86fd-21ef6e97d426.md | 4 +- .../2bb13841-7575-439e-8e0a-cccd9ede2fa8.md | 2 +- .../39750e32-3fe9-453b-8c33-dd277acdb2cc.md | 2 +- .../41a38329-d81b-4be4-aef4-55b2615d3282.md | 2 +- .../44d434ca-a9bf-4203-8828-4c81a8d5a598.md | 2 +- .../4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md | 2 +- .../5e0fb613-ba9b-44c3-88f0-b44188466bfd.md | 2 +- .../5f670f9d-b1b4-4c90-8618-2288f1ab9676.md | 2 +- .../60587dbd-6b67-432e-90f7-a8cf1892d968.md | 2 +- .../6107c530-7178-464a-88bc-df9cdd364ac8.md | 2 +- .../62232513-b16f-4010-83d7-51d0e1d45426.md | 2 +- .../66505003-7aba-45a1-8d83-5162d5706ef5.md | 2 +- .../67bfdff1-31ce-4525-b564-e94368735360.md | 2 +- .../69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md | 2 +- .../70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md | 2 +- .../72ceb736-0aee-43ea-a191-3a69ab135681.md | 2 +- .../7a1ee8a9-71be-4b11-bb70-efb62d16863b.md | 2 +- .../7db8bd7e-9772-478c-9ec5-4bc202c5686f.md | 2 +- .../81ce9394-013d-4731-8fcc-9d229b474073.md | 2 +- .../88541597-6f88-42c8-bac6-7e0b855e8ff6.md | 2 +- .../89143358-cec6-49f5-9392-920c591c669c.md | 2 +- .../8c0695d8-2378-4cd6-8243-7fd5894fa574.md | 2 +- .../8f98334a-99aa-4d85-b72a-1399ca010413.md | 2 +- .../9ef08939-ea40-489c-8851-667870b2ef50.md | 2 +- .../a597e05a-c065-44e7-9cc8-742f572a504a.md | 2 +- .../a8128dd2-89b0-464b-98e9-5d629041dfe0.md | 2 +- .../a9dfec39-a740-4105-bbd6-721ba163c053.md | 2 +- .../b9b7ada8-3868-4a35-854e-6100a2bb863d.md | 2 +- .../b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md | 2 +- .../c01d10de-c468-4790-b3a0-fc887a56f289.md | 2 +- .../c065b98e-1515-4991-9dca-b602bd6a2fbb.md | 2 +- .../cb319d87-b90f-485e-a7e7-f2408380f309.md | 2 +- .../d2731f3d-a992-44ed-812e-f4f1c2747d71.md | 2 +- .../d53f4123-f8d8-4224-8cb3-f920b151cc98.md | 2 +- .../dbfc834a-56e5-4750-b5da-73fda8e73f70.md | 2 +- .../dc158941-28ce-481d-a7fa-dc80761edf46.md | 2 +- .../dcda2d32-e482-43ee-a926-75eaabeaa4e0.md | 2 +- .../dd706080-b7a8-47dc-81fb-3e8184430ec0.md | 2 +- .../e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md | 2 +- .../e8e62026-da63-4904-b402-65adfe3ca975.md | 2 +- .../ec62a32c-a297-41ca-a850-cab40b42094a.md | 2 +- .../ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md | 2 +- .../ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md | 2 +- .../ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md | 2 +- .../f20e97f9-4919-43f1-9be9-f203cd339cdd.md | 2 +- .../f262118c-1ac6-4bb3-8495-cc48f1775b85.md | 2 +- .../faaefc15-51a5-419e-bb5e-51a4b5ab3485.md | 2 +- .../fe286195-e75c-4359-bd58-00847c4f855a.md | 2 +- .../00e5e55e-c2ff-46b3-a757-a7a1cd802456.md | 2 +- .../01d50b14-e933-4c99-b314-6d08cd37ad35.md | 2 +- .../030d3b18-1821-45b4-9e08-50efbe7becbb.md | 2 +- .../034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md | 2 +- .../04c686f1-e0cd-4812-88e1-4e038410074c.md | 2 +- .../051f2063-2517-4295-ad8e-ba88c1bf5cfc.md | 2 +- .../081069cb-588b-4ce1-884c-2a1ce3029fe5.md | 2 +- .../084c6686-2a70-4710-91b1-000393e54c12.md | 2 +- .../08bd0760-8752-44e1-9779-7bb369b2b4e4.md | 2 +- .../09c35abf-5852-4622-ac7a-b987b331232e.md | 2 +- .../0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md | 2 +- .../0a592060-8166-49f5-8e65-99ac6dce9871.md | 2 +- .../0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md | 2 +- .../0a96ce49-4163-4ee6-8169-eb3b0797d694.md | 2 +- .../0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md | 2 +- .../0afbcfe9-d341-4b92-a64c-7e6de0543879.md | 2 +- .../0b4869fc-a842-4597-aa00-1294df425440.md | 2 +- .../0b530315-0ea4-497f-b34c-4ff86268f59d.md | 2 +- .../0b93729a-d882-4803-bdc3-ac429a21f158.md | 2 +- .../0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md | 4 +- .../0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md | 2 +- .../0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md | 2 +- .../0e32d561-4b5a-4664-a6e3-a3fa85649157.md | 2 +- .../0e59d33e-bba2-4037-8f88-9765647ca7ad.md | 2 +- .../0f6cbf69-41bb-47dc-93f3-3844640bf480.md | 2 +- .../0fd7d920-4711-46bd-aff2-d307d82cd8b7.md | 2 +- .../113208f2-a886-4526-9ecc-f3218600e12c.md | 2 +- .../118281d0-6471-422e-a7c5-051bc667926e.md | 2 +- .../126c1788-23c2-4a10-906c-ef179f4f96ec.md | 2 +- .../12933609-c5bf-44b4-9a41-a6467c3b685b.md | 2 +- .../12b7e704-37f0-4d1e-911a-44bf60c48c21.md | 2 +- .../132a8c31-9837-4203-9fd1-15ca210c7b73.md | 2 +- .../1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md | 2 +- .../1419b4c6-6d5c-4534-9cf6-6a5266085333.md | 2 +- .../151187cb-0efc-481c-babd-ad24e3c9bc22.md | 2 +- .../15ccec05-5476-4890-ad19-53991eba1db8.md | 2 +- .../15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md | 2 +- .../15ffbacc-fa42-4f6f-a57d-2feac7365caa.md | 2 +- .../16c4216a-50d3-4785-bfb2-4adb5144a8ba.md | 2 +- .../1743f5f1-0bb0-4934-acef-c80baa5dadfa.md | 2 +- .../17b30f8f-8dfb-4597-adf6-57600b6cf25e.md | 2 +- .../19ffbe31-9d72-4379-9768-431195eae328.md | 2 +- .../1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md | 2 +- .../1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md | 2 +- .../1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md | 2 +- .../1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md | 2 +- .../1b6799eb-4a7a-4b04-9001-8cceb9999326.md | 2 +- .../1bc1c685-e593-450e-88fb-19db4c82aa1d.md | 2 +- .../1bc367f6-901d-4870-ad0c-71d79762ef52.md | 2 +- .../1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md | 2 +- .../1df37f4b-7197-45ce-83f8-9994d2fcf885.md | 2 +- .../1e0ef61b-ad85-4518-a3d3-85eaad164885.md | 2 +- .../1ec253ab-c220-4d63-b2de-5b40e0af9293.md | 2 +- .../20018359-6fd7-4d05-ab26-d4dffccbdf79.md | 2 +- .../2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md | 2 +- .../2285e608-ddbc-47f3-ba54-ce7121e31216.md | 2 +- .../22fbfeac-7b5a-421a-8a27-7a2178bb910b.md | 2 +- .../23b70e32-032e-4fa6-ba5c-82f56b9980e6.md | 2 +- .../23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md | 2 +- .../24e16922-4330-4e9d-be8a-caa90299466a.md | 2 +- .../254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md | 2 +- .../25d251f3-f348-4f95-845c-1090e41a615c.md | 2 +- .../25db74bf-fa3b-44da-934e-8c3e005c0453.md | 2 +- .../27c6a499-895a-4dc7-9617-5c485218db13.md | 2 +- .../28545147-2fc6-42d5-a1f9-cf226658e591.md | 2 +- .../2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md | 2 +- .../2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md | 2 +- .../2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md | 2 +- .../2f01fb2d-828a-499d-b98e-b83747305052.md | 2 +- .../2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md | 2 +- .../2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md | 2 +- .../2f737336-b18a-4602-8ea0-b200312e1ac1.md | 2 +- .../30b88745-eebe-4ecb-a3a9-5cf886e96204.md | 2 +- .../31245f98-a6a9-4182-9fc1-45482b9d030a.md | 2 +- .../3199c26c-7871-4cb3-99c2-10a59244ce7f.md | 2 +- .../3206240f-2e87-4e58-8d24-3e19e7c83d7c.md | 2 +- .../33627268-1445-4385-988a-318fd9d1a512.md | 2 +- .../34b921bd-90a0-402e-a0a5-dc73371fd963.md | 2 +- .../35113e6f-2c6b-414d-beec-7a9482d3b2d1.md | 2 +- .../3561130e-9c5f-485b-9e16-2764c82763e5.md | 2 +- .../35ccf766-0e4d-41ed-9ec4-2dab155082b4.md | 2 +- .../37304d3f-f852-40b8-ae3f-725e87a7cedf.md | 2 +- .../381c3f2a-ef6f-4eff-99f7-b169cda3422c.md | 2 +- .../38b85c45-e772-4de8-a247-69619ca137b3.md | 2 +- .../38c5ee0d-7f22-4260-ab72-5073048df100.md | 2 +- .../3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md | 2 +- .../3af7f2fd-06e6-4dab-b996-2912bea19ba4.md | 2 +- .../3b6d777b-76e3-4133-80a3-0d6f667ade7f.md | 2 +- .../3d3f6270-546b-443c-adb4-bb6fb2187ca6.md | 2 +- .../3db3f534-e3a3-487f-88c7-0a9fbf64b702.md | 2 +- .../3dd96caa-0b5f-4a85-b929-acfac4646cc2.md | 2 +- .../3ddfa124-6407-4845-a501-179f90c65097.md | 2 +- .../3deec14b-03d2-4d27-9670-7d79322e3340.md | 2 +- .../3ef8696c-e4ae-4872-92c7-520bb44dfe77.md | 2 +- .../4003118b-046b-4640-b200-b8c7a4c8b89f.md | 4 +- .../41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md | 2 +- .../42bb6b7f-6d54-4428-b707-666f669d94fb.md | 2 +- .../42f4b905-3736-4213-bfe9-c0660518cda8.md | 2 +- .../43a41523-386a-4cb1-becb-42af6b414433.md | 2 +- .../443488f5-c734-460b-a36d-5b3f330174dc.md | 2 +- .../44ceb4fa-0897-4fd2-b676-30e7a58f2933.md | 2 +- .../45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md | 2 +- .../46883ce1-dc3e-4b17-9195-c6a601624c73.md | 2 +- .../4728cd65-a20c-49da-8b31-9c08b423e4db.md | 2 +- .../4766d3ea-241c-4ee6-93ff-c380c996bd1a.md | 2 +- .../48207659-729f-4b5c-9402-f884257d794f.md | 2 +- .../482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md | 2 +- .../4849211b-ac39-479e-ae78-5694d506cb24.md | 2 +- .../4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md | 2 +- .../4bb76f17-3d63-4529-bdca-2b454529d774.md | 2 +- .../4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md | 2 +- .../4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md | 2 +- .../4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md | 2 +- .../4c18a45b-4ab1-4790-9f83-399ac695f1e5.md | 2 +- .../4d46ff3b-7160-41d1-a310-71d6d370b08f.md | 2 +- .../4de9de27-254e-424f-bd70-4c1e95790838.md | 2 +- .../4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md | 2 +- .../4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md | 2 +- .../4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md | 2 +- .../4fa66806-0dd9-4f8d-9480-3174d39c7c91.md | 2 +- .../52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md | 2 +- .../52ffcfa6-6c70-4ea6-8376-d828d3961669.md | 2 +- .../54229498-850b-4f78-b3a7-218d24ef2c37.md | 2 +- .../54378d69-dd7c-4b08-a43e-80d563396857.md | 2 +- .../54c417bf-c762-48b9-9d31-b3d87047e3f0.md | 2 +- .../55af1353-2f62-4fa0-a8e1-a210ca2708f5.md | 2 +- .../568a4d22-3517-44a6-a7ad-6a7eed88722c.md | 2 +- .../56a585f5-555c-48b2-8395-e64e4740a9cf.md | 2 +- .../56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md | 2 +- .../571254d8-aa6a-432e-9725-535d3ef04d69.md | 2 +- .../575a2155-6af1-4026-b1af-d5bc8fe2a904.md | 2 +- .../57b9893d-33b1-4419-bcea-a717ea87e139.md | 2 +- .../5813ef56-fa94-406a-b35d-977d4a56ff2b.md | 2 +- .../5864d189-ee9a-4009-ac0c-8a582e6b7919.md | 2 +- .../58b35504-0287-4154-bf69-02c0573deab8.md | 2 +- .../590d878b-abdc-428f-895a-e2b68a0e1998.md | 2 +- .../5a2486aa-facf-477d-a5c1-b010789459ce.md | 2 +- .../5b4d4aee-ac94-4810-9611-833636e5916d.md | 2 +- .../5b8d7527-de8e-4114-b9dd-9d988f1f418f.md | 2 +- .../5ba6229c-8057-433e-91d0-21cf13569ca9.md | 2 +- .../5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md | 2 +- .../5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md | 2 +- .../5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md | 2 +- .../5d9e3164-9265-470c-9a10-57ae454ac0c7.md | 2 +- .../5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md | 2 +- .../5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md | 2 +- .../60224630-175a-472a-9e23-133827040766.md | 2 +- .../60263b4a-6801-4587-911d-919c37ed733b.md | 2 +- .../61cf9883-1752-4768-b18c-0d57f2737709.md | 2 +- .../625abc0e-f980-4ac9-a775-f7519ee34296.md | 2 +- .../63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md | 2 +- .../64a222aa-7793-4e40-915f-4b302c76e4d4.md | 2 +- .../656880aa-1388-488f-a6d4-8f73c23149b2.md | 2 +- .../65905cec-d691-4320-b320-2000436cb696.md | 2 +- .../66c6f96f-2d9e-417e-a998-9058aeeecd44.md | 2 +- .../66cd88ac-9ddf-424a-b77e-e55e17630bee.md | 2 +- .../66f130d9-b81d-4e8e-9b08-da74b9c891df.md | 2 +- .../671211c5-5d2a-4e97-8867-30fc28b02216.md | 2 +- .../68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md | 2 +- .../69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md | 2 +- .../6b2739db-9c49-4db7-b980-7816e0c248c1.md | 2 +- .../6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md | 2 +- .../6d23d87e-1c5b-4308-b224-92624300f29b.md | 2 +- .../6db03a91-f933-4f13-ab38-a8b87a7de54d.md | 2 +- .../6db52fa6-d4da-4608-908a-89f0c59e743e.md | 2 +- .../6deb34e2-5d9c-499a-801b-ea6d9eda894f.md | 2 +- .../6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md | 2 +- .../6e3fd2ed-5c83-4c68-9679-7700d224d379.md | 2 +- .../6e8849c1-3aa7-40e3-9063-b85ee300f29f.md | 2 +- .../704dadd3-54fc-48ac-b6a0-02f170011473.md | 2 +- .../7081f85c-b94d-40fd-8b45-a4f1cac75e46.md | 2 +- .../70b42736-efee-4bce-80d5-50358ed94990.md | 2 +- .../70cb518c-d990-46f6-bc05-44a5041493d6.md | 2 +- .../730675f9-52ed-49b6-8ead-0acb5dd7df7f.md | 2 +- .../7350fa23-dcf7-4938-916d-6a60b0c73b50.md | 2 +- .../741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md | 2 +- .../75ec6890-83af-4bf1-9f16-e83726df0bd0.md | 2 +- .../76976de7-c7b1-4f64-a94f-90c1345914c2.md | 2 +- .../7782d4b3-e23e-432b-9742-d9528432e771.md | 2 +- .../78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md | 2 +- .../7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md | 2 +- .../7af43613-6bb9-4a0e-8c4d-1314b799425e.md | 2 +- .../7c96920c-6fd0-449d-9a52-0aa431b6beaf.md | 2 +- .../7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md | 2 +- .../7dbba512-e244-42dc-98bb-422339827967.md | 2 +- .../7e4a6e76-568d-43ef-8c4e-36dea481bff1.md | 2 +- .../7ebc9038-0bde-479a-acc4-6ed7b6758899.md | 2 +- .../8055dec2-efb8-4fe6-8837-d9bed6ff202a.md | 2 +- .../8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md | 2 +- .../816ea8cf-d589-442d-a917-2dd0ce0e45e3.md | 2 +- .../8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md | 2 +- .../846646e3-2af1-428c-ac5d-271eccfa6faf.md | 2 +- .../862fe4bf-3eec-4767-a517-40f378886b88.md | 2 +- .../86571149-eef3-4280-a645-01e60df854b0.md | 2 +- .../874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md | 2 +- .../88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md | 2 +- .../89561b03-cb35-44a9-a7e9-8356e71606f4.md | 2 +- .../89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md | 2 +- .../8b1b1e67-6248-4dca-bbad-93486bb181c0.md | 2 +- .../8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md | 2 +- .../8bfbf7ab-d5e8-4100-8618-798956e101e0.md | 2 +- .../8c849af7-a399-46f7-a34c-32d3dc96f1fc.md | 2 +- .../8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md | 2 +- .../8e94dced-9bcc-4203-8eb7-7e41202b2505.md | 2 +- .../8f3c16b3-354d-45db-8ad5-5066778a9485.md | 2 +- .../8f75840d-9ee7-42f3-b203-b40e3979eb12.md | 2 +- .../8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md | 2 +- .../91bea7b8-0c31-4863-adc9-93f6177266c4.md | 2 +- .../91f16d09-689e-4926-aca7-155157f634ed.md | 2 +- .../92d65c51-5d82-4507-a2a1-d252e9706855.md | 2 +- .../92fe237e-074c-4262-81a4-2077acb928c1.md | 2 +- .../94690d79-b3b0-43de-b656-84ebef5753e5.md | 2 +- .../94fbe150-27e3-4eba-9ca6-af32865e4503.md | 2 +- .../9630336b-3fed-4096-8173-b9afdfe346a7.md | 2 +- .../967eb3e6-26fc-497d-8895-6428beb6e8e2.md | 2 +- .../96e8183b-e985-457b-90cd-61c0503a3369.md | 2 +- .../96ed3526-0179-4c73-b1b2-372fde2e0d13.md | 2 +- .../970d224d-b42a-416b-81f9-8f4dfe70c4bc.md | 2 +- .../970ed7a2-0aca-4425-acf1-0453c9ecbca1.md | 2 +- .../97cb0688-369a-4d26-b1f7-86c4c91231bc.md | 2 +- .../982aa526-6970-4c59-8b9b-2ce7e019fe36.md | 2 +- .../98a8f708-121b-455b-ae2f-da3fb59d17e1.md | 2 +- .../98d59056-f745-4ef5-8613-32bca8d40b7e.md | 2 +- .../9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md | 2 +- .../9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md | 2 +- .../9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md | 2 +- .../9b877bd8-94b4-4c10-a060-8e0436cc09fa.md | 2 +- .../9ba198e0-fef4-464a-8a4d-75ea55300de7.md | 2 +- .../9d0d4512-1959-43a2-a17f-72360ff06d1b.md | 2 +- .../9ec311bf-dfd9-421f-8498-0b063c8bc552.md | 2 +- .../9ef7d25d-9764-4224-9968-fa321c56ef76.md | 2 +- .../9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md | 2 +- .../9f4a9409-9c60-4671-be96-9716dbf63db1.md | 2 +- .../a186e82c-1078-4a7b-85d8-579561fde884.md | 2 +- .../a20be318-cac7-457b-911d-04cc6e812c25.md | 2 +- .../a2f548f2-188c-4fff-b172-e9a6acb216bd.md | 2 +- .../a31a5a29-718a-4ff4-8001-a69e5e4d029e.md | 2 +- .../a4966c4f-9141-48b8-a564-ffe9959945bc.md | 2 +- .../a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md | 2 +- .../abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md | 2 +- .../abdb29d4-5ca1-4e91-800b-b3569bbd788c.md | 2 +- .../ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md | 2 +- .../acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md | 2 +- .../ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md | 2 +- .../ad5b4e97-2850-4adf-be17-1d293e0b85ee.md | 2 +- .../ad9dabc7-7839-4bae-a957-aa9120013f39.md | 2 +- .../af173fde-95ea-4584-b904-bb3923ac4bda.md | 2 +- .../afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md | 2 +- .../b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md | 2 +- .../b161c11b-a59b-4431-9a29-4e19f63e6b27.md | 2 +- .../b1a72f66-2236-4f3b-87ba-0da1b366956f.md | 2 +- .../b1ffa705-19a3-4b73-b9d0-0c97d0663842.md | 2 +- .../b2315cae-b110-4426-81e0-80bb8640cdd3.md | 2 +- .../b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md | 2 +- .../b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md | 2 +- .../b3a59b8e-94a3-403e-b6e2-527abaf12034.md | 2 +- .../b4378389-a9aa-44ee-91e7-ef183f11079e.md | 2 +- .../b5681959-6c09-4f55-b42b-c40fa12d03ec.md | 2 +- .../b592ffd4-0577-44b6-bd35-8c5ee81b5918.md | 2 +- .../b69247e5-7e73-464e-ba74-ec9b715c6e12.md | 2 +- .../b72d0026-f649-4c91-a9ea-15d8f681ac09.md | 2 +- .../b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md | 2 +- .../b8a31292-509d-4b61-bc40-13b167db7e9c.md | 2 +- .../b9033580-6886-401a-8631-5f19f5bb24c7.md | 2 +- .../ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md | 2 +- .../ba48df05-eaa1-4d64-905e-4a4b051e7587.md | 2 +- .../ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md | 2 +- .../baecd2da-492a-4d59-b9dc-29540a1398e0.md | 2 +- .../bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md | 2 +- .../bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md | 2 +- .../bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md | 2 +- .../bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md | 2 +- .../bd0088a5-c133-4b20-b129-ec9968b16ef3.md | 2 +- .../be2aa235-bd93-4b68-978a-1cc65d49082f.md | 2 +- .../bf878b1a-7418-4de3-b13c-3a86cf894920.md | 2 +- .../bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md | 2 +- .../c0c1e744-0f37-445e-924a-1846f0839f69.md | 2 +- .../c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md | 2 +- .../c53c7a89-f9d7-4c7b-8b66-8a555be99593.md | 2 +- .../c583f0f9-7dfd-476b-a056-f47c62b47b46.md | 2 +- .../c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md | 2 +- .../c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md | 2 +- .../c999cf62-0920-40f8-8dda-0caccd66ed7e.md | 2 +- .../cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md | 2 +- .../cc997676-481b-4e93-aa81-d19f8c5e9b12.md | 2 +- .../ce089fd4-1406-47bd-8aad-c259772bb294.md | 2 +- .../ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md | 2 +- .../ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md | 2 +- .../ce9dfce0-5fc8-433b-944a-3b16153111a8.md | 2 +- .../cfdcabb0-fc06-427c-865b-c59f13e898ce.md | 2 +- .../d0cc8694-fcad-43ff-ac86-32331d7e867f.md | 2 +- .../d1846b12-20c5-4d45-8798-fc35b79268eb.md | 2 +- .../d24c0755-c028-44b1-b503-8e719c898832.md | 2 +- .../d25edb51-07fb-4a73-97d4-41cecdc53a22.md | 2 +- .../d364984a-a222-4b5f-a8b0-e23ab19ebff3.md | 2 +- .../d6047119-a0b2-4b59-a4f2-127a36fb685b.md | 2 +- .../d7b9d850-3e06-4a75-852f-c46c2e92240b.md | 2 +- .../db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md | 2 +- .../db78d14b-10e5-4e6e-84b1-dace6327b1ec.md | 2 +- .../de7f5e83-da88-4046-871f-ea18504b1d43.md | 2 +- .../e08ed7eb-f3ef-494d-9d22-2e3db756a347.md | 2 +- .../e227091e-2228-4b40-b046-fc13650d8e88.md | 2 +- .../e35c16a2-d54e-419d-8546-a804d8e024d0.md | 2 +- .../e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md | 2 +- .../e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md | 2 +- .../e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md | 2 +- .../e592a0c5-5bdb-414c-9066-5dba7cdea370.md | 2 +- .../e6b4b943-6883-47a9-9739-7ada9568f8ca.md | 2 +- .../e7530c3c-b7cf-4149-8db9-d037a0b5268e.md | 2 +- .../e77c89f6-9c85-49ea-b95b-5f960fe5be92.md | 2 +- .../e86e26fc-489e-44f0-9bcd-97305e4ba69a.md | 2 +- .../e979fcbc-df6c-422d-9458-c33d65e71c45.md | 2 +- .../e9b7acf9-9ba0-4837-a744-31e7df1e434d.md | 2 +- .../eaaba502-2f94-411a-a3c2-83d63cc1776d.md | 2 +- .../eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md | 2 +- .../ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md | 2 +- .../ec49cbfd-fae4-45f3-81b1-860526d66e3f.md | 2 +- .../eccc4d59-74b9-4974-86f1-74386e0c7f33.md | 2 +- .../ed35928e-195c-4405-a252-98ccb664ab7b.md | 2 +- .../eda48c88-2b7d-4e34-b6ca-04c0194aee17.md | 2 +- .../ee49557d-750c-4cc1-aa95-94ab36cbefde.md | 2 +- .../ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md | 2 +- .../eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md | 2 +- .../ef0b316a-211e-42f1-888e-64efe172b755.md | 2 +- .../f0d8781f-99bf-4958-9917-d39283b168a0.md | 2 +- .../f1173d8c-3264-4148-9fdb-61181e031b51.md | 2 +- .../f11aec39-858f-4b6f-b946-0a1bf46c0c87.md | 2 +- .../f1adc521-f79a-4d71-b55b-a68294687432.md | 2 +- .../f3674e0c-f6be-43fa-b71c-bf346d1aed99.md | 2 +- .../f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md | 2 +- .../f53f16d6-46a9-4277-9fbe-617b1e24cdca.md | 2 +- .../f83121ea-03da-434f-9277-9cd247ab3047.md | 2 +- .../f861041c-8c9f-4156-acfc-5e6e524f5884.md | 2 +- .../f906113d-cdc0-415a-ba60-609cc6daaf4d.md | 2 +- .../fa00ce45-386d-4718-8392-fb485e1f3c5b.md | 2 +- .../fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md | 2 +- .../fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md | 2 +- .../fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md | 2 +- .../fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md | 2 +- .../fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md | 2 +- .../ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md | 2 +- .../ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md | 2 +- .../0437633b-daa6-4bbc-8526-c0d2443b946e.md | 2 +- .../07f7134f-9f37-476e-8664-670c218e4702.md | 2 +- .../0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md | 2 +- .../11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md | 2 +- .../12944ec4-1fa0-47be-8b17-42a034f937c2.md | 2 +- .../16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md | 4 +- .../17f75827-0684-48f4-8747-61129c7e4198.md | 2 +- .../25c0ea09-f1c5-4380-b055-3b83863f2bb8.md | 2 +- .../261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md | 2 +- .../2ab6de9a-0136-415c-be92-79d2e4fd750f.md | 2 +- .../2b3c671f-1b76-4741-8789-ed1fe0785dc4.md | 4 +- .../2b856bf9-8e8c-4005-875f-303a8cba3918.md | 2 +- .../2e48d91c-50e4-45c8-9312-27b625868a72.md | 2 +- .../34664094-59e0-4524-b69f-deaa1a68cce3.md | 2 +- .../3790d386-be81-4dcf-9850-eaa7df6c10d9.md | 4 +- .../38c71c00-c177-4cd7-8d36-cd1007cdb190.md | 2 +- .../3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md | 2 +- .../3e3c175e-aadf-4e2b-a464-3fdac5748d24.md | 2 +- .../3fa5900f-9aac-4982-96b2-a6143d9c99fb.md | 2 +- .../4216ebac-d74c-4423-b437-35025cb88af5.md | 2 +- .../43789711-161b-4708-b5bb-9d1c626f7492.md | 2 +- .../45fc717a-bd86-415c-bdd8-677901be1aa6.md | 2 +- .../48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md | 2 +- .../4a9e0f00-0765-4f72-a0d4-d31110b78279.md | 2 +- .../4d080822-5ee2-49a4-8984-68f3d4c890fc.md | 2 +- .../5089d055-53ff-421b-9482-a5267bdce629.md | 2 +- .../525b53be-62ed-4244-b4df-41aecfcb4071.md | 2 +- .../5400f379-a347-4bdd-a032-446465fdcc6f.md | 2 +- .../55975007-f6e7-4134-83c3-298f1fe4b519.md | 2 +- .../56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md | 2 +- .../594c198b-4d79-41b8-9b36-fde13348b619.md | 2 +- .../599318f2-6653-4569-9e21-041d06c63a89.md | 2 +- .../59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md | 2 +- .../5c822443-e1ea-46b8-84eb-758ec602e844.md | 2 +- .../609839ae-bd81-4375-9910-5bce72ae7b92.md | 2 +- .../61c3cb8b-0715-47e4-b788-86dde40dd2db.md | 2 +- .../6425c98b-ca4e-41fe-896a-c78772c131f8.md | 4 +- .../73e42469-3a86-4f39-ad78-098f325b4e9f.md | 2 +- .../7750fcca-dd03-4d38-b663-4b70289bcfd4.md | 2 +- .../7f0a8696-7159-4337-ad0d-8a3ab4a78195.md | 2 +- .../819d50fd-1cdf-45c3-9936-be408aaad93e.md | 2 +- .../8263f146-5e03-43e0-9cfe-db960d56d1e7.md | 2 +- .../835a4f2f-df43-437d-9943-545ccfc55961.md | 2 +- .../83a229ba-483e-47c6-8db7-dc96969bce5a.md | 2 +- .../85da374f-b00f-4832-9d44-84a1ca1e89f8.md | 2 +- .../86f92117-eed8-4614-9c6c-b26da20ff37f.md | 2 +- .../8b042c30-e441-453f-b162-7696982ebc58.md | 2 +- .../8e75e431-449f-49e9-b56a-c8f1378025cf.md | 2 +- .../96fe318e-d631-4156-99fa-9080d57280ae.md | 2 +- .../9bb3c639-5edf-458c-8ee5-30c17c7d671d.md | 2 +- .../9c301481-e6ec-44f7-8a49-8ec63e2969ea.md | 2 +- .../9dab0179-433d-4dff-af8f-0091025691df.md | 2 +- .../9db38e87-f6aa-4b5e-a1ec-7266df259409.md | 2 +- .../a187ac47-8163-42ce-8a63-c115236be6fb.md | 2 +- .../a21c8da9-41bf-40cf-941d-330cf0d11fc7.md | 2 +- .../a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md | 2 +- .../a5613650-32ec-4975-a305-31af783153ea.md | 2 +- .../a81573f9-3691-4d83-88a0-7d4af63e17a3.md | 2 +- .../a829b715-cf75-4e92-b645-54c9b739edfb.md | 2 +- .../a99130ab-4c0e-43aa-97f8-78d4fcb30024.md | 2 +- .../ace823d1-4432-4dee-945b-cdf11a5a6bd0.md | 2 +- .../ade36cf4-329f-4830-a83d-9db72c800507.md | 2 +- .../b17d8bb8-4c08-4785-867e-cb9e62a622aa.md | 4 +- .../b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md | 2 +- .../b61cce4b-0cc4-472b-8096-15617a6d769b.md | 2 +- .../b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md | 2 +- .../b897dfbf-322c-45a8-b67c-1e698beeaa51.md | 2 +- .../b90842e5-6779-44d4-9760-972f4c03ba1c.md | 2 +- .../b947809d-dd2f-4de9-b724-04d101c515aa.md | 2 +- .../bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md | 2 +- .../bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md | 2 +- .../c1573577-e494-4417-8854-7e119368dc8b.md | 2 +- .../c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md | 2 +- .../c407c3cf-c409-4b29-b590-db5f4138d332.md | 2 +- .../c640d783-10c5-4071-b6c1-23507300d333.md | 4 +- .../c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md | 2 +- .../c7fc1481-2899-4490-bbd8-544a3a61a2f3.md | 2 +- .../c87749b3-ff10-41f5-9df2-c421e8151759.md | 2 +- .../cc4aaa9d-1070-461a-b519-04e00f42db8a.md | 2 +- .../d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md | 2 +- .../dafe30ec-325d-4516-85d1-e8e6776f012c.md | 2 +- .../dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md | 2 +- .../dfa20ffa-f476-428f-a490-424b41e91c7f.md | 2 +- .../e29a75e6-aba3-4896-b42d-b87818c16b58.md | 2 +- .../e65a0733-94a0-4826-82f4-df529f4c593f.md | 2 +- .../e9dee01f-2505-4df2-b9bf-7804d1fd9082.md | 2 +- .../efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md | 2 +- .../f118890b-2468-42b1-9ce9-af35146b425b.md | 2 +- .../f5342045-b935-402d-adf1-8dbbd09c0eef.md | 2 +- .../f7e296b0-6660-4bc5-8f87-22ac4a815edf.md | 2 +- .../f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md | 2 +- .../fd8da341-6760-4450-b26c-9f6d8850575e.md | 2 +- .../ffb02aca-0d12-475e-b77c-a726f7aeff4b.md | 2 +- .../b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md | 2 +- .../b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md | 2 +- .../bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md | 2 +- .../bd6bd46c-57db-4887-956d-d372f21291b6.md | 2 +- .../c878abb4-cca5-4724-92b9-289be68bd47c.md | 2 +- .../ca2fba76-c1a7-4afd-be67-5249f861cb0e.md | 2 +- .../ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md | 2 +- .../d532566b-8d9d-4f3b-80bd-361fe802f9c2.md | 2 +- .../e2c83c1f-84d7-4467-966c-ed41fd015bb9.md | 2 +- .../e5587d53-a673-4a6b-b3f2-ba07ec274def.md | 2 +- .../e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md | 2 +- .../e94d3121-c2d1-4e34-a295-139bfeb73ea3.md | 2 +- .../f74b9c43-161a-4799-bc95-0b0ec81801b9.md | 2 +- .../fc5109bf-01fd-49fb-8bde-4492b543c34a.md | 2 +- .../fcc2612a-1dfe-46e4-8ce6-0320959f0040.md | 2 +- .../fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md | 2 +- .../fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md | 2 +- .../02474449-71aa-40a1-87ae-e14497747b00.md | 2 +- .../11e7550e-c4b6-472e-adff-c698f157cdd7.md | 2 +- .../128df7ec-f185-48bc-8913-ce756a3ccb85.md | 2 +- .../14a457f0-473d-4d1d-9e37-6d99b355b336.md | 2 +- .../16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md | 2 +- .../1b44e234-3d73-41a8-9954-0b154135280e.md | 2 +- .../1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md | 2 +- .../22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md | 2 +- .../2f06d22c-56bd-4f73-8a51-db001fcf2150.md | 2 +- .../30e8dfd2-3591-4d19-8d11-79e93106c93d.md | 4 +- .../32ecd6eb-0711-421f-9627-1a28d9eff217.md | 2 +- .../3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md | 2 +- .../3e4d5ce6-3280-4027-8010-c26eeea1ec01.md | 2 +- .../40430747-442d-450a-a34f-dc57149f4609.md | 2 +- .../40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md | 2 +- .../4b82202a-b18e-4891-a1eb-a0989850bbb3.md | 2 +- .../4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md | 4 +- .../579a0727-9c29-4d58-8195-fc5802a8bdb4.md | 2 +- .../59571246-3f62-4965-a96f-c7d97e269351.md | 2 +- .../5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md | 2 +- .../5ef61c88-bbb4-4725-b1df-55d23c9676bb.md | 2 +- .../617ef6ff-711e-4bd7-94ae-e965911b1b40.md | 2 +- .../65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md | 2 +- .../678fd659-96f2-454a-a2a0-c2571f83a4a3.md | 2 +- .../6ccb85d7-0420-4907-9380-50313f80946b.md | 2 +- .../704fcc44-a58f-4af5-82e2-93f2a58ef918.md | 2 +- .../73fb21a1-b19a-45b1-b648-b47b1678681e.md | 2 +- .../84d36481-fd63-48cb-838e-635c44806ec2.md | 2 +- .../895ed0d9-6fec-4567-8614-d7a74b599a53.md | 2 +- .../89fe890f-b480-460c-8b6b-7d8b1468adb4.md | 2 +- .../8a893e46-e267-485a-8690-51f39951de58.md | 2 +- .../9192e0f9-eca5-4056-9282-ae2a736a4088.md | 2 +- .../92e4464a-4139-4d57-8742-b5acc0347680.md | 2 +- .../9356962e-4a4f-4d06-ac59-dc8008775eaa.md | 2 +- .../97fa667a-d05b-4f16-9071-58b939f34751.md | 2 +- .../a6cd52a1-3056-4910-96a5-894de9f3f3b3.md | 2 +- .../acfdbec6-4a17-471f-b412-169d77553332.md | 2 +- .../b139213e-7d24-49c2-8025-c18faa21ecaa.md | 2 +- .../b187edca-b81e-4fdc-aff4-aab57db45edb.md | 2 +- .../b1d51728-7270-4991-ac2f-fc26e2695b38.md | 2 +- .../bb0db090-5509-4853-a827-75ced0b3caa0.md | 2 +- .../bc280331-27b9-4acb-a010-018e8098aa5d.md | 2 +- .../bc75ce52-a60a-4660-b533-bce837a5019b.md | 2 +- .../c010082c-76e0-4b91-91d9-6e8439e455dd.md | 2 +- .../c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md | 2 +- .../c606ba1d-d736-43eb-ac24-e16108f3a9e0.md | 2 +- .../c68b4e6d-4e01-4ca1-b256-1e18e875785c.md | 2 +- .../c9d81239-c818-4869-9917-1570c62b81fd.md | 2 +- .../ccc3100c-0fdd-4a5e-9908-c10107291860.md | 2 +- .../cefdad16-0dd5-4ac5-8ed2-a37502c78672.md | 2 +- .../cf3c7631-cd1e-42f3-8801-a561214a6e79.md | 2 +- .../d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md | 2 +- .../d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md | 2 +- .../d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md | 2 +- .../dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md | 2 +- .../e576ce44-dd03-4022-a8c0-3906acca2ab4.md | 2 +- .../e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md | 2 +- .../e7e961ac-d17e-4413-84bc-8a1fbe242944.md | 2 +- .../ee7b93c1-b3f8-4a3b-9588-146d481814f5.md | 2 +- .../f34c0c25-47b4-41eb-9c79-249b4dd47b89.md | 2 +- .../30c2760c-740e-4672-9d7f-2c29e0cb385d.md | 8 +- .../41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md | 12 +- .../4b801c38-ebb4-4c81-984b-1ba525d43adf.md | 8 +- .../5061f84c-ab66-4660-90b9-680c9df346c0.md | 8 +- .../675e8eaa-2754-42b7-bf33-bfa295d1601d.md | 12 +- .../89218b48-75c9-4cb3-aaba-5299e852e8bc.md | 6 +- .../8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md | 8 +- .../940ddce2-26bd-4e31-a9b4-382714f73231.md | 12 +- .../944439c7-b4b8-476a-8f83-14641ea876ba.md | 12 +- .../94e47f3f-b90b-43a1-a36d-521580bae863.md | 12 +- .../9bf57c23-fbab-4222-85f3-3f207a53c6a8.md | 8 +- .../9f751a80-31f0-43a3-926c-20772791a038.md | 12 +- .../a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md | 8 +- .../a1defcb6-55e8-4511-8c2a-30b615b0e057.md | 8 +- .../afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md | 12 +- .../b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md | 6 +- .../b3535a48-910c-47f8-8b3b-14222f29ef80.md | 8 +- .../df58dd45-8009-43c2-90f7-c90eb9d53ed9.md | 6 +- .../e2de2b80-2fc2-4502-a764-40930dfcc70a.md | 12 +- .../e4610872-0b1c-4fb7-ab57-d81c0afdb291.md | 12 +- .../e5071f76-cbe7-468d-bb2b-d10f02d2b713.md | 14 +- .../e7dada38-af20-4899-8955-dabea84ab1f0.md | 8 +- .../e840c54a-7a4c-405f-b8c1-c49a54b87d11.md | 12 +- .../fb387023-e4bb-42a8-9a70-6708aa7ff21b.md | 12 +- .../18d6aa4b-7570-4d95-9c75-90363ef1abd9.md | 2 +- .../1ee0f202-31da-49ba-bbce-04a989912e4b.md | 2 +- .../3ed47402-e322-465f-a0f0-8681135a17b0.md | 2 +- .../5bb6fa08-5e84-4760-a54a-cdcd66626976.md | 2 +- .../5d820574-4a60-4916-b049-0810b8629731.md | 2 +- .../93bb2065-63ec-45a2-a466-f106b56f2e32.md | 2 +- .../966ed4f7-b8a5-4e8d-b2bf-098657c98960.md | 2 +- .../a3240001-40db-47b7-abb9-2bcd6a04c430.md | 2 +- .../a74b4602-a62c-4a02-956a-e19f86ea24b5.md | 2 +- .../ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md | 2 +- .../b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md | 2 +- .../ca94be07-7de3-4ae7-85ef-67e0462ec694.md | 2 +- .../d135a36e-c474-452f-b891-76db1e6d1cd5.md | 2 +- .../df6928ed-02f4-421f-9a67-a529860dd7e7.md | 2 +- .../fe08b81c-12e9-4b5e-9006-4218fca750fd.md | 2 +- .../fe405074-7e18-40f9-9aef-024aa1d0a889.md | 2 +- 1660 files changed, 2155 insertions(+), 2140 deletions(-) diff --git a/docs/queries/all-queries.md b/docs/queries/all-queries.md index e192fcdadf2..438ccfa279d 100644 --- a/docs/queries/all-queries.md +++ b/docs/queries/all-queries.md @@ -246,10 +246,10 @@ This page contains all queries. |Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|AzureResourceManager|Medium|Insecure Configurations|Query details
Documentation
| |MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| +|PostgreSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| -|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|AzureResourceManager|Medium|Networking and Firewall|Query details
Documentation
| |AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|AzureResourceManager|Medium|Observability|Query details
Documentation
| @@ -477,7 +477,7 @@ This page contains all queries. |IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|CloudFormation|Low|Best Practices|Query details
Documentation
| |Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|CloudFormation|Low|Best Practices|Query details
Documentation
| |Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|CloudFormation|Low|Best Practices|Query details
Documentation
| -|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|CloudFormation|Low|Build Process|Query details
Documentation
| +|DynamoDB With Not Recommended Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|CloudFormation|Low|Build Process|Query details
Documentation
| |EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|CloudFormation|Low|Build Process|Query details
Documentation
| |API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|CloudFormation|Low|Encryption|Query details
Documentation
| |CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|CloudFormation|Low|Encryption|Query details
Documentation
| @@ -850,12 +850,12 @@ This page contains all queries. |Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Parameter JSON Reference Does Not Exist (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Schema JSON Reference Does Not Exist (v2)
98295b32-ec09-4b5b-89a9-39853197f914|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Cleartext Credentials With Basic Authentication For Operation
86b1fa30-9790-4980-994d-a27e0f6f27c1|OpenAPI|Medium|Access Control|Query details
Documentation
| @@ -896,33 +896,33 @@ This page contains all queries. |Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|OpenAPI|Info|Best Practices|Query details
Documentation
| |Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|OpenAPI|Info|Best Practices|Query details
Documentation
| |Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Callback JSON Reference Does Not Exist
f29904c8-6041-4bca-b043-dfa0546b8079|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Example JSON Reference Does Not Exist
6a2c219f-da5e-4745-941e-5ea8cde23356|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Header JSON Reference Does Not Exist
376c9390-7e9e-4cb8-a067-fd31c05451fd|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Link JSON Reference Does Not Exist
801f0c6a-a834-4467-89c6-ddecffb46b5a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Parameter JSON Reference Does Not Exist (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Request Body JSON Reference Does Not Exist
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Response JSON Reference Does Not Exist (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| +|Schema JSON Reference Does Not Exist (v3)
015eac96-6313-43c0-84e5-81b1374fa637|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| @@ -933,29 +933,29 @@ This page contains all queries. |Server URL Uses Undefined Variables
8d0921d6-4131-461f-a253-99e873f8f77e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Servers Array Undefined
c66ebeaa-676c-40dc-a3ff-3e49395dcd5e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Unknown Property (v3)
fb7d81e7-4150-48c4-b914-92fc05da6a2f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|OpenAPI|High|Access Control|
Documentation
| +|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|OpenAPI|High|Access Control|Security object need to have defined rules in its array and rules should be defined on securityScheme
Documentation
| |Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|OpenAPI|High|Access Control|Query details
Documentation
| -|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|OpenAPI|High|Access Control|
Documentation
| +|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|OpenAPI|High|Access Control|Global security definition must not have empty objects
Documentation
| |Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|OpenAPI|High|Access Control|Query details
Documentation
| |Global Security Field Is Undefined (v2)
74703c89-0ea2-49ab-a7db-bf04f19f5a57|OpenAPI|High|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions
Documentation
| |Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|OpenAPI|High|Access Control|Query details
Documentation
| -|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|OpenAPI|High|Access Control|
Documentation
| +|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|OpenAPI|High|Access Control|All paths should have security scheme, if it is omitted, global security field should be defined
Documentation
| |No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|OpenAPI|High|Access Control|Query details
Documentation
| -|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|OpenAPI|High|Access Control|
Documentation
| +|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|OpenAPI|High|Access Control|Security object for operations, if defined, must define a security scheme, otherwise it should be considered an error
Documentation
| |Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|OpenAPI|High|Access Control|Query details
Documentation
| -|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|OpenAPI|High|Access Control|
Documentation
| +|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|OpenAPI|High|Access Control|Security object for operations should not be empty object or has any empty object definition
Documentation
| |Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|OpenAPI|High|Access Control|Query details
Documentation
| |Array Without Maximum Number of Items (v2)
99eb2c95-2040-4104-9e7c-e16f7474d218|OpenAPI|Medium|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set
Documentation
| |Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
| -|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|OpenAPI|Medium|Insecure Configurations|
Documentation
| +|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|OpenAPI|Medium|Insecure Configurations|Schema of the JSON object should have properties defined and 'additionalProperties' set to false.
Documentation
| |JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
| -|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|OpenAPI|Medium|Insecure Configurations|
Documentation
| +|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|OpenAPI|Medium|Insecure Configurations|Schema of the JSON object should have 'type' defined.
Documentation
| |JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
| |Pattern Undefined (v2)
afde15cf-9444-4126-8c62-41cd79db1d1d|OpenAPI|Medium|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.
Documentation
| |Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
| -|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|OpenAPI|Medium|Insecure Configurations|
Documentation
| +|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|OpenAPI|Medium|Insecure Configurations|The Schema Object should not be empty to avoid accepting any JSON values
Documentation
| |Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|OpenAPI|Medium|Insecure Configurations|Query details
Documentation
| -|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|OpenAPI|Medium|Networking and Firewall|
Documentation
| +|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|OpenAPI|Medium|Networking and Firewall|If a response is not head or its code is not 204 or 304, it should have a schema defined
Documentation
| |Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|OpenAPI|Medium|Networking and Firewall|Query details
Documentation
| |API Key Exposed In Global Security (v2)
533a0d13-6e89-4551-ae33-bce14e5849c1|OpenAPI|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
| |API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|OpenAPI|Low|Access Control|Query details
Documentation
| @@ -963,117 +963,117 @@ This page contains all queries. |API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|OpenAPI|Low|Access Control|Query details
Documentation
| |Array Items Has No Type (v2)
8697a1a4-82c6-4603-8ac8-57529756744e|OpenAPI|Low|Insecure Configurations|Schema/Parameter array items type should be defined
Documentation
| |Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|OpenAPI|Low|Insecure Configurations|
Documentation
| +|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|OpenAPI|Low|Insecure Configurations|The format should be valid for the type defined. For integer type must be int32 or int64 and number type must be float or double
Documentation
| |Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| |Maximum Length Undefined (v2)
2ec86e48-ab90-4cb6-a131-0502afd1f442|OpenAPI|Low|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.
Documentation
| |Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|OpenAPI|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|OpenAPI|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'format' defined.
Documentation
| |Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|OpenAPI|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|OpenAPI|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined.
Documentation
| |Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|OpenAPI|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|OpenAPI|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined.
Documentation
| |Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|OpenAPI|Low|Insecure Configurations|
Documentation
| +|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|OpenAPI|Low|Insecure Configurations|String schema should restrict the pattern
Documentation
| |String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|OpenAPI|Low|Insecure Configurations|Query details
Documentation
| -|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|OpenAPI|Low|Networking and Firewall|Operations responses should have a default response defined
Documentation
| |Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|OpenAPI|Low|Networking and Firewall|500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined.
Documentation
| |Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| |Response on operations that should not have a body has declared content (v2)
268defd2-2839-4e15-8cbc-de86eb38c231|OpenAPI|Low|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined
Documentation
| |Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|OpenAPI|Low|Networking and Firewall|Delete should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|OpenAPI|Low|Networking and Firewall|Get should define at least one success response (200 or 202)
Documentation
| |Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|OpenAPI|Low|Networking and Firewall|Head should define at least one success response (200 or 202)
Documentation
| |Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|OpenAPI|Low|Networking and Firewall|Patch should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|OpenAPI|Low|Networking and Firewall|Post should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|OpenAPI|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|OpenAPI|Low|Networking and Firewall|Put should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|OpenAPI|Low|Networking and Firewall|Query details
Documentation
| -|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|OpenAPI|Info|Best Practices|
Documentation
| +|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|OpenAPI|Info|Best Practices|Examples values and fields should be compliant with the schema type
Documentation
| |Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|OpenAPI|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|OpenAPI|Info|Best Practices|The header Parameter should not be named as 'Accept'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|OpenAPI|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|OpenAPI|Info|Best Practices|The header Parameter should not be named as 'Authorization'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|OpenAPI|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|OpenAPI|Info|Best Practices|The header Parameter should not be named as 'Content-Type'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|OpenAPI|Info|Best Practices|
Documentation
| +|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|OpenAPI|Info|Best Practices|The Header Response should not be named as 'Content-Type', 'Authorization' or 'Accept'. If so, it will be ignored.
Documentation
| |Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|OpenAPI|Info|Best Practices|Contact Object Email should be a valid email
Documentation
| |Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|OpenAPI|Info|Best Practices|Contact Object URL should be a valid URL
Documentation
| |Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|OpenAPI|Info|Best Practices|Global External Documentation URL should be a valid URL
Documentation
| |Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|OpenAPI|Info|Best Practices|License Object URL should be a valid URL
Documentation
| |Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|OpenAPI|Info|Best Practices|Operation External Documentation URL should be a valid URL
Documentation
| |Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|OpenAPI|Info|Best Practices|Schema External Documentation URL should be a valid URL
Documentation
| |Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|OpenAPI|Info|Best Practices|
Documentation
| +|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|OpenAPI|Info|Best Practices|Tag External Documentation URL should be a valid URL
Documentation
| |Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|OpenAPI|Info|Best Practices|Query details
Documentation
| -|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|OpenAPI|Info|Best Practices|
Documentation
| +|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|OpenAPI|Info|Best Practices|Each field on Open API specification which accepts '$ref', infers that field is using a reference object, which has only '$ref' key
Documentation
| |JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|OpenAPI|Info|Best Practices|Query details
Documentation
| |Object Using Enum With Keyword (v2)
7f15962a-d862-451c-ac9b-84ec13747aa6|OpenAPI|Info|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords
Documentation
| |Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|OpenAPI|Info|Best Practices|
Documentation
| +|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|OpenAPI|Info|Best Practices|Operation Object should have at least one successful HTTP status code defined
Documentation
| |Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|OpenAPI|Info|Best Practices|
Documentation
| +|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|OpenAPI|Info|Best Practices|Path object should have at least one operation object defined
Documentation
| |Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|OpenAPI|Info|Best Practices|Query details
Documentation
| -|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|OpenAPI|Info|Best Practices|
Documentation
| +|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|OpenAPI|Info|Best Practices|Required properties receive value from requests, which makes unnecessary declare a default value
Documentation
| |Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|OpenAPI|Info|Best Practices|Query details
Documentation
| |Default Invalid (v2)
78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07|OpenAPI|Info|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type
Documentation
| |Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|OpenAPI|Info|Structure and Semantics|Schema/Parameter items should be defined when the schema/parameter is set to an array.
Documentation
| |Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|OpenAPI|Info|Structure and Semantics|Non-Array Schema should not have 'items' defined
Documentation
| |Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|OpenAPI|Info|Structure and Semantics|
Documentation
| +|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|OpenAPI|Info|Structure and Semantics|OperationId should be unique when defined
Documentation
| |OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|OpenAPI|Info|Structure and Semantics|Parameter Objects should not have duplicate names for 'header' location, since HTTP headers are not case sensitive.
Documentation
| |Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|OpenAPI|Info|Structure and Semantics|Parameters properties 'name' and 'in' should have unique combinations
Documentation
| |Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|OpenAPI|Info|Structure and Semantics|All path should be unique, if has more than one operation, all operations should be part of same Path Object
Documentation
| |Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|OpenAPI|Info|Structure and Semantics|The property 'required' determines whether the parameter is mandatory. If the parameter location is 'path', this property is required and its value must be true.
Documentation
| |Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|OpenAPI|Info|Structure and Semantics|The path parameter must have a corresponding template path for a given operation
Documentation
| |Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|OpenAPI|Info|Structure and Semantics|All path templates should not be empty
Documentation
| |Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|OpenAPI|Info|Structure and Semantics|Paths object may be empty due to ACL constraints, meaning they are not exposed
Documentation
| |Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|OpenAPI|Info|Structure and Semantics|Schema Object should have all required properties defined
Documentation
| |Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|OpenAPI|Info|Structure and Semantics|Property 'allowEmptyValue' should be only defined for query parameters and formData parameters
Documentation
| |Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|OpenAPI|Info|Structure and Semantics|Property defining minimum has greater value than maximum defined
Documentation
| |Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|OpenAPI|Info|Structure and Semantics|Responses Object should not be empty
Documentation
| |Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|OpenAPI|Info|Structure and Semantics|HTTP Responses status code should be in range of [200-599]
Documentation
| |Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|OpenAPI|Info|Structure and Semantics|Schema discriminator values should match defined properties.
Documentation
| |Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|OpenAPI|Info|Structure and Semantics|The discriminator property in the Schema Object should be a required property
Documentation
| |Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|OpenAPI|Info|Structure and Semantics|Schema discriminator property should be a string
Documentation
| |Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|OpenAPI|Info|Structure and Semantics|The field 'enum' of Schema Object should be consistent with the schema's type
Documentation
| |Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|OpenAPI|Info|Structure and Semantics|Schema Object should not be have a required property that is not defined on properties
Documentation
| |Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|OpenAPI|Info|Structure and Semantics|Schema Object Property key should be unique through out the fields 'properties', 'allOf', 'additionalProperties'
Documentation
| |Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|OpenAPI|Info|Structure and Semantics|Schema Object should not reference it self in 'allOf', 'oneOf', 'anyOf' and 'not' properties
Documentation
| |Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| -|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|OpenAPI|Info|Structure and Semantics|
Documentation
| +|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|OpenAPI|Info|Structure and Semantics|The template path must have a corresponding path parameter for a given operation
Documentation
| |Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| |Type Has Invalid Keyword (v2)
492c6cbb-f3f8-4807-aa4f-42b8b1c46b59|OpenAPI|Info|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type
Documentation
| |Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|OpenAPI|Info|Structure and Semantics|Query details
Documentation
| @@ -1490,8 +1490,8 @@ This page contains all queries. |DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Terraform|Info|Best Practices|Query details
Documentation
| |EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Terraform|Info|Best Practices|Query details
Documentation
| |Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Terraform|Info|Best Practices|Query details
Documentation
| -|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Terraform|Info|Best Practices|Query details
Documentation
| |Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Terraform|Info|Best Practices|Query details
Documentation
| +|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Terraform|Info|Best Practices|Query details
Documentation
| |CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Terraform|Info|Observability|Query details
Documentation
| |CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Terraform|Info|Observability|Query details
Documentation
| |BOM - AWS DynamoDB
23edf35f-7c22-4ff9-87e6-0ca74261cfbf|Terraform|Trace|Bill Of Materials|Query details
Documentation
| @@ -1733,30 +1733,30 @@ This page contains all queries. |Secrets As Environment Variables
6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8|Terraform|Low|Secret Management|Query details
Documentation
| |Invalid Image
e76cca7c-c3f9-4fc9-884c-b2831168ebd8|Terraform|Low|Supply-Chain|Query details
Documentation
| |Liveness Probe Is Not Defined
5b6d53dd-3ba3-4269-b4d7-f82e880e43c3|Terraform|Info|Availability|Query details
Documentation
| -|Beta - Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|Terraform|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|Terraform|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Terraform|Medium|Backup|Query details
Documentation
| -|Beta - Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Terraform|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|Terraform|High|Access Control|Query details
Documentation
| +|Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud Router Undefined Security Group
e7dada38-af20-4899-8955-dabea84ab1f0|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud VPN Gateway Undefined Security Group
b3535a48-910c-47f8-8b3b-14222f29ef80|Terraform|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Using Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|Terraform|Medium|Encryption|Query details
Documentation
| +|Nifcloud LB Using Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|Terraform|Medium|Encryption|Query details
Documentation
| +|Nifcloud ELB Listener Using HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|Terraform|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud ELB Using HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|Terraform|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Listener Using HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|Terraform|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Using HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|Terraform|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud Low RDB Backup Retention Period
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Terraform|Low|Backup|Query details
Documentation
| +|Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|Terraform|Low|Insecure Configurations|Query details
Documentation
| +|Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Terraform|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Terraform|Info|Best Practices|Query details
Documentation
| +|Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Terraform|Info|Best Practices|Query details
Documentation
| +|Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Terraform|Info|Best Practices|Query details
Documentation
| +|Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Terraform|Info|Best Practices|Query details
Documentation
| |Generic Git Module Without Revision
3a81fc06-566f-492a-91dd-7448e409e2cd|Terraform|Info|Best Practices|Query details
Documentation
| |Name Is Not Snake Case
1e434b25-8763-4b00-a5ca-ca03b7abbb66|Terraform|Info|Best Practices|Query details
Documentation
| |Output Without Description
59312e8a-a64e-41e7-a252-618533dd1ea8|Terraform|Info|Best Practices|Query details
Documentation
| diff --git a/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md b/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md index b5448aef13a..561a84b5fe5 100644 --- a/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md +++ b/docs/queries/ansible-queries/0e75052f-cc02-41b8-ac39-a78017527e95.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/privilege_escalation_using_become_plugin) ### Description diff --git a/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md b/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md index e3224edb6d5..5ae83411258 100644 --- a/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md +++ b/docs/queries/ansible-queries/1b2bf3ff-31e9-460e-bbfb-45e48f4f20cc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/hosts/ansible_tower_exposed_to_internet) ### Description diff --git a/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md b/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md index 533ab4f3605..718c9a3d007 100644 --- a/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md +++ b/docs/queries/ansible-queries/2e8d4922-8362-4606-8c14-aa10466a1ce3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/communication_over_http) ### Description diff --git a/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md b/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md index e4f63de96ea..85cb3cb0461 100644 --- a/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md +++ b/docs/queries/ansible-queries/404908b6-4954-4611-98f0-e8ceacdabcb1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/privilege_escalation_using_become_plugin) ### Description diff --git a/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md b/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md index cd34b6ce8dc..2856fb6827b 100644 --- a/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md +++ b/docs/queries/ansible-queries/59029ddf-e651-412b-ae7b-ff6d403184bc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/logging_of_sensitive_data) ### Description diff --git a/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md b/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md index 453fba09789..571674c835c 100644 --- a/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md +++ b/docs/queries/ansible-queries/86b97bb4-85c9-462d-8635-cbc057c5c8c5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/allow_unsafe_lookups_enabled) ### Description diff --git a/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md b/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md index 8e47c1e04ff..6d1453b298d 100644 --- a/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md +++ b/docs/queries/ansible-queries/88841d5c-d22d-4b7e-a6a0-89ca50e44b9f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Info - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/risky_file_permissions) ### Description diff --git a/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md b/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md index 23a9cd19a53..5e7368087b2 100644 --- a/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md +++ b/docs/queries/ansible-queries/8d22ae91-6ac1-459f-95be-d37bd373f244.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/insecure_relative_path_resolution) ### Description diff --git a/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md b/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md index 47ac677927f..09da6107fa8 100644 --- a/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md +++ b/docs/queries/ansible-queries/aws/01aec7c2-3e4d-4274-ae47-2b8fea22fd1f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_task_definition_network_mode_not_recommended) ### Description diff --git a/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md b/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md index 201cff99f49..c91e785681a 100644 --- a/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md +++ b/docs/queries/ansible-queries/aws/050f085f-a8db-4072-9010-2cca235cc02f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/auto_scaling_group_with_no_associated_elb) ### Description diff --git a/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md b/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md index d38f15942f6..9bc119b3eab 100644 --- a/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md +++ b/docs/queries/ansible-queries/aws/0956aedf-6a7a-478b-ab56-63e2b19923ad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_security_group_with_public_scope) ### Description diff --git a/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md b/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md index 97e3b644c8c..f78aeaa96d1 100644 --- a/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md +++ b/docs/queries/ansible-queries/aws/0ed012a4-9199-43d2-b9e4-9bd049a48aa4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_database_auth_not_enabled) ### Description diff --git a/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md b/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md index a7e262ee8b5..58c290873bb 100644 --- a/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md +++ b/docs/queries/ansible-queries/aws/12a7a7ce-39d6-49dd-923d-aeb4564eb66c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policy_grants_assumerole_permission_across_all_services) ### Description diff --git a/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md b/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md index 42b2a74534b..2045afc5150 100644 --- a/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md +++ b/docs/queries/ansible-queries/aws/133fee21-37ef-45df-a563-4d07edc169f4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cmk_is_unusable) ### Description diff --git a/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md b/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md index f71406fdd07..b4bd1c46860 100644 --- a/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md +++ b/docs/queries/ansible-queries/aws/16732649-4ff6-4cd2-8746-e72c13fae4b8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_associated_with_public_subnet) ### Description diff --git a/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md b/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md index e65bacb616d..fd505908673 100644 --- a/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md +++ b/docs/queries/ansible-queries/aws/17d5ba1d-7667-4729-b1a6-b11fde3db7f7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 404 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_retention_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md b/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md index d318bbfb8aa..9588a2889ee 100644 --- a/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md +++ b/docs/queries/ansible-queries/aws/1d972c56-8ec2-48c1-a578-887adb09c57a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_permission_principal_is_wildcard) ### Description diff --git a/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md b/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md index fa8104eff47..017650a4918 100644 --- a/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md +++ b/docs/queries/ansible-queries/aws/2034fb37-bc23-4ca0-8d95-2b9f15829ab5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elb_using_weak_ciphers) ### Description diff --git a/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md b/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md index 33b577399af..9257f0bfde8 100644 --- a/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md +++ b/docs/queries/ansible-queries/aws/2059155b-27fd-441e-b616-6966c468561f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_xray_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md b/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md index a6434552d3f..c52cedaeede 100644 --- a/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md +++ b/docs/queries/ansible-queries/aws/218413a0-c716-4b94-9e08-0bb70d854709.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/secure_ciphers_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md b/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md index 8849ba71b9f..33686894ecd 100644 --- a/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md +++ b/docs/queries/ansible-queries/aws/22c80725-e390-4055-8d14-a872230f6607.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_without_waf) ### Description diff --git a/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md b/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md index e881b26a8b2..e2438faf46a 100644 --- a/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md +++ b/docs/queries/ansible-queries/aws/265d9725-2fb8-42a2-bc57-3279c5db82d5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_function_without_tags) ### Description diff --git a/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md b/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md index 22b1bca788c..c521d2225d4 100644 --- a/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md +++ b/docs/queries/ansible-queries/aws/2cb674f6-32f9-40be-97f2-62c0dc38f0d5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_using_default_port) ### Description diff --git a/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md b/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md index a5573f2a63b..a6da6ac2b6d 100644 --- a/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md +++ b/docs/queries/ansible-queries/aws/32d31f1f-0f83-4721-b7ec-1e6948c60145.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_without_template) ### Description diff --git a/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md b/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md index d7bedab9b16..6abb6a9bc8d 100644 --- a/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md +++ b/docs/queries/ansible-queries/aws/338b6cab-961d-4998-bb49-e5b6a11c9a5c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_not_ebs_optimized) ### Description diff --git a/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md b/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md index 5d53460a51c..37f9a57fea0 100644 --- a/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md +++ b/docs/queries/ansible-queries/aws/3505094c-f77c-4ba0-95da-f83db712f86c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_unsecured_cors_rule) ### Description diff --git a/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md b/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md index cbad0de0ba3..1f91c374872 100644 --- a/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md +++ b/docs/queries/ansible-queries/aws/3ab1f27d-52cc-4943-af1d-43c1939e739a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_access_to_any_principal) ### Description diff --git a/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md b/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md index 1f1c52b6d14..1060ee7eca2 100644 --- a/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md +++ b/docs/queries/ansible-queries/aws/3ddf3417-424d-420d-8275-0724dc426520.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_permission_misconfigured) ### Description diff --git a/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md b/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md index cb383d38811..363378b9bd2 100644 --- a/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md +++ b/docs/queries/ansible-queries/aws/3f2cf811-88fa-4eda-be45-7a191a18aba9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/misconfigured_password_policy_expiration) ### Description diff --git a/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md b/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md index 95f047d7d9a..b609e30dcbc 100644 --- a/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md +++ b/docs/queries/ansible-queries/aws/445dce51-7e53-4e50-80ef-7f94f14169e4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/route53_record_undefined) ### Description diff --git a/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md b/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md index bf8fae248a1..b6aabb3e679 100644 --- a/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md +++ b/docs/queries/ansible-queries/aws/4b6012e7-7176-46e4-8108-e441785eae57.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ebs_volume_encryption_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md b/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md index 44cec00b217..c40f03185d6 100644 --- a/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md +++ b/docs/queries/ansible-queries/aws/4d8681a2-3d30-4c89-8070-08acd142748e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_log_file_validation_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md b/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md index 17bc0d6cc99..39e38ea4e3a 100644 --- a/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md +++ b/docs/queries/ansible-queries/aws/5330b503-3319-44ff-9b1c-00ee873f728a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_group_has_public_interface) ### Description diff --git a/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md b/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md index 08e730e7a97..ea206ab1b4e 100644 --- a/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md +++ b/docs/queries/ansible-queries/aws/53bce6a8-5492-4b1b-81cf-664385f0c4bf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_get_action_from_all_principals) ### Description diff --git a/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md b/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md index b69b404ce22..4176be820ff 100644 --- a/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md +++ b/docs/queries/ansible-queries/aws/5527dcfc-94f9-4bf6-b7d4-1b78850cf41f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticache_without_vpc) ### Description diff --git a/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md b/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md index 16af4aae074..f59c8c15de5 100644 --- a/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md +++ b/docs/queries/ansible-queries/aws/559439b2-3e9c-4739-ac46-17e3b24ec215.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_endpoint_config_is_not_private) ### Description diff --git a/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md b/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md index 600d6753939..03694ed7dfc 100644 --- a/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md +++ b/docs/queries/ansible-queries/aws/57ced4b9-6ba4-487b-8843-b65562b90c77.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/security_group_with_unrestricted_access_to_ssh) ### Description diff --git a/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md b/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md index 0dfb11fa2b1..452f4877468 100644 --- a/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md +++ b/docs/queries/ansible-queries/aws/594f54e7-f744-45ab-93e4-c6dbaf6cd571.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_without_server-side_encryption) ### Description diff --git a/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md b/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md index 2e2f4113a42..40d9b94661e 100644 --- a/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md +++ b/docs/queries/ansible-queries/aws/5a443297-19d4-4381-9e5b-24faf947ec22.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 298 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/certificate_has_expired) ### Description diff --git a/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md b/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md index e37c57f276d..79aac9af76a 100644 --- a/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md +++ b/docs/queries/ansible-queries/aws/5b9d237a-57d5-4177-be0e-71434b0fef47.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 807 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/kms_key_with_full_permissions) ### Description diff --git a/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md b/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md index d9542e332ac..c7a92f2e97c 100644 --- a/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md +++ b/docs/queries/ansible-queries/aws/5ba316a9-c466-4ec1-8d5b-bc6107dc9a92.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_sns_topic_name_undefined) ### Description diff --git a/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md b/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md index 2b1a4b5609b..a65598cd94b 100644 --- a/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md +++ b/docs/queries/ansible-queries/aws/5c6b727b-1382-4629-8ba9-abd1365e5610.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md b/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md index 7b5a146ef03..bb144cf27bc 100644 --- a/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md +++ b/docs/queries/ansible-queries/aws/5e92d816-2177-4083-85b4-f61b4f7176d9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/public_lambda_via_api_gateway) ### Description diff --git a/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md b/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md index f58d833dccb..5a313a81867 100644 --- a/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md +++ b/docs/queries/ansible-queries/aws/5eccd62d-8b4d-46d3-83ea-1879f3cbd3ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ca_certificate_identifier_is_outdated) ### Description diff --git a/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md b/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md index be9e4952159..faa7dff46ea 100644 --- a/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md +++ b/docs/queries/ansible-queries/aws/60bfbb8a-c72f-467f-a6dd-a46b7d612789.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecr_image_tag_not_immutable) ### Description diff --git a/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md b/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md index 4832a8c032f..9624e820eb7 100644 --- a/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md +++ b/docs/queries/ansible-queries/aws/61d1a2d0-4db8-405a-913d-5d2ce49dff6f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/instance_with_no_vpc) ### Description diff --git a/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md b/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md index d2f9acaed2a..efc78c776cd 100644 --- a/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md +++ b/docs/queries/ansible-queries/aws/66477506-6abb-49ed-803d-3fa174cd5f6a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/launch_configuration_is_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md b/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md index a94b4650807..1e8d75869e3 100644 --- a/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md +++ b/docs/queries/ansible-queries/aws/6a647814-def5-4b85-88f5-897c19f509cd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md b/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md index e3c82ed1d05..76d53c8ebfe 100644 --- a/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md +++ b/docs/queries/ansible-queries/aws/6a6d7e56-c913-4549-b5c5-5221e624d2ec.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_all_permissions) ### Description diff --git a/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md b/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md index 74a13d097bf..376f83398fa 100644 --- a/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md +++ b/docs/queries/ansible-queries/aws/6ad087d7-a509-4b20-b853-9ef6f5ebaa98.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_multi_region_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md b/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md index 17e36df40d3..4930b3266b6 100644 --- a/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md +++ b/docs/queries/ansible-queries/aws/6f5f5444-1422-495f-81ef-24cefd61ed2c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/password_without_reuse_prevention) ### Description diff --git a/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md b/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md index 30180210e1d..91b58ea6437 100644 --- a/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md +++ b/docs/queries/ansible-queries/aws/6fa44721-ef21-41c6-8665-330d59461163.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_delete_action_from_all_principals) ### Description diff --git a/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md b/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md index f66c2fdf761..7ad742c0199 100644 --- a/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md +++ b/docs/queries/ansible-queries/aws/71397b34-1d50-4ee1-97cb-c96c34676f74.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/lambda_functions_without_x-ray_tracing) ### Description diff --git a/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md b/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md index 48a241ce098..a2f19c8ccb6 100644 --- a/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md +++ b/docs/queries/ansible-queries/aws/71ea648a-d31a-4b5a-a589-5674243f1c33.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/public_port_wide) ### Description diff --git a/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md b/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md index a89e920a423..0eaa267539d 100644 --- a/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md +++ b/docs/queries/ansible-queries/aws/722b0f24-5a64-4cca-aa96-cfc26b7e3a5b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/unknown_port_exposed_to_internet) ### Description diff --git a/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md b/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md index bd8ac21e756..8cf98e1d922 100644 --- a/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md +++ b/docs/queries/ansible-queries/aws/727c4fd4-d604-4df6-a179-7713d3c85e20.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md b/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md index a0638ac59f9..006158d0640 100644 --- a/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md +++ b/docs/queries/ansible-queries/aws/72a931c2-12f5-40d1-93cc-47bff2f7aa2a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_with_cloudwatch_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md b/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md index fab36adb9ca..b97f80033ce 100644 --- a/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md +++ b/docs/queries/ansible-queries/aws/730a5951-2760-407a-b032-dd629b55c23a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elb_using_insecure_protocols) ### Description diff --git a/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md b/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md index d4f4bcd0b9c..fb5ece2dcc1 100644 --- a/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md +++ b/docs/queries/ansible-queries/aws/75480b31-f349-4b9a-861f-bce19588e674.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_acl_allows_read_to_any_authenticated_user) ### Description diff --git a/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md b/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md index f2be32dc2d9..c33cabf9149 100644 --- a/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md +++ b/docs/queries/ansible-queries/aws/7674a686-e4b1-4a95-83d4-1fd53c623d84.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/config_rule_for_encrypted_volumes_is_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md b/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md index 84835f5bb8e..5f5b1498e07 100644 --- a/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md +++ b/docs/queries/ansible-queries/aws/7af1c447-c014-4f05-bd8b-ebe3a15734ac.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sql_analysis_services_port_2383_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md b/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md index 35a319a5b05..46d28705057 100644 --- a/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md +++ b/docs/queries/ansible-queries/aws/7cc6c791-5f68-4816-a564-b9b699f9d26e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticache_using_default_port) ### Description diff --git a/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md b/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md index c80432246c4..1eb07403012 100644 --- a/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md +++ b/docs/queries/ansible-queries/aws/7db727c1-1720-468e-b80e-06697f71e09e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_service_admin_role_is_present) ### Description diff --git a/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md b/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md index de067733722..b3aa7b84a8b 100644 --- a/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md +++ b/docs/queries/ansible-queries/aws/7dfb316c-a6c2-454d-b8a2-97f147b0c0ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_instance_storage_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md b/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md index cf3e614dcec..472a3a482aa 100644 --- a/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md +++ b/docs/queries/ansible-queries/aws/7f79f858-fbe8-4186-8a2c-dfd0d958a40f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_access_key_is_exposed) ### Description diff --git a/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md b/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md index c62ea020717..0f4b8b7486e 100644 --- a/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md +++ b/docs/queries/ansible-queries/aws/8010e17a-00e9-4635-a692-90d6bcec68bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/default_security_groups_with_unrestricted_traffic) ### Description diff --git a/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md b/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md index 9f711e6a4fe..d8772daac83 100644 --- a/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md +++ b/docs/queries/ansible-queries/aws/83c5fa4c-e098-48fc-84ee-0a537287ddd2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/unrestricted_security_group_ingress) ### Description diff --git a/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md b/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md index aefdd4c89b4..aff3cc68ae6 100644 --- a/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md +++ b/docs/queries/ansible-queries/aws/857f8808-e96a-4ba8-a9b7-f2d4ec6cad94.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/automatic_minor_upgrades_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md b/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md index 5415e33ebd2..8a899e5f92c 100644 --- a/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md +++ b/docs/queries/ansible-queries/aws/86b0efa7-4901-4edd-a37a-c034bec6645a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_queue_exposed) ### Description diff --git a/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md b/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md index e9335368b57..97b1cef16c9 100644 --- a/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md +++ b/docs/queries/ansible-queries/aws/8833f180-96f1-46f4-9147-849aafa56029.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_using_default_vpc) ### Description diff --git a/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md b/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md index 8b1f348b93e..d4d90d99bdf 100644 --- a/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md +++ b/docs/queries/ansible-queries/aws/8bc2168c-1723-4eeb-a6f3-a1ba614b9a6d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_password_without_minimum_length) ### Description diff --git a/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md b/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md index 3a5333c99ad..74dcc9155d6 100644 --- a/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md +++ b/docs/queries/ansible-queries/aws/8d03993b-8384-419b-a681-d1f55149397c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_using_default_security_group) ### Description diff --git a/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md b/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md index f9526a93cb2..12ea6c28942 100644 --- a/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md +++ b/docs/queries/ansible-queries/aws/8ed0bfce-f780-46d4-b086-21c3628f09ad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ses_policy_with_allowed_iam_actions) ### Description diff --git a/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md b/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md index 873abf1bed7..5ddabae9259 100644 --- a/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md +++ b/docs/queries/ansible-queries/aws/905f4741-f965-45c1-98db-f7a00a0e5c73.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sns_topic_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md b/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md index 24d86f595a2..505e3a9044a 100644 --- a/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md +++ b/docs/queries/ansible-queries/aws/9232306a-f839-40aa-b3ef-b352001da9a5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_without_versioning) ### Description diff --git a/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md b/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md index 40e1096a175..3696f343d3c 100644 --- a/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md +++ b/docs/queries/ansible-queries/aws/97707503-a22c-4cd7-b7c0-f088fa7cf830.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ami_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md b/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md index 9fb275f07ba..060af48ffdc 100644 --- a/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md +++ b/docs/queries/ansible-queries/aws/9f34885e-c08f-4d13-a7d1-cf190c5bd268.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redis_not_compliant) ### Description diff --git a/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md b/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md index 2deeb24ec22..c1fb96871b2 100644 --- a/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md +++ b/docs/queries/ansible-queries/aws/a0f1bfe0-741e-473f-b3b2-13e66f856fab.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_put_action_from_all_principals) ### Description diff --git a/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md b/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md index ebe1d665bbe..9ee629170be 100644 --- a/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md +++ b/docs/queries/ansible-queries/aws/a1423864-2fbc-4f46-bfe1-fbbf125c71c9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/codebuild_not_encrypted) ### Description diff --git a/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md b/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md index a9f568ed98a..e6e879210b0 100644 --- a/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md +++ b/docs/queries/ansible-queries/aws/a14ad534-acbe-4a8e-9404-2f7e1045646e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/http_port_open_to_internet) ### Description diff --git a/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md b/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md index 3afe582b503..560127617ce 100644 --- a/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md +++ b/docs/queries/ansible-queries/aws/a19b2942-142e-4e2b-93b7-6cf6a6c8d90f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ami_shared_with_multiple_accounts) ### Description diff --git a/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md b/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md index d487eb15bdb..97fab57262e 100644 --- a/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md +++ b/docs/queries/ansible-queries/aws/a1ef9d2e-4163-40cb-bd92-04f0d602a15d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_acl_allows_read_to_all_users) ### Description diff --git a/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md b/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md index 10d9274f857..c9ec694d2ef 100644 --- a/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md +++ b/docs/queries/ansible-queries/aws/a2fdf451-89dd-451e-af92-bf6c0f4bab96.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/config_configuration_aggregator_to_all_regions_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md b/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md index c4195fb32f9..3acd0c531c0 100644 --- a/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md +++ b/docs/queries/ansible-queries/aws/a6d27cf7-61dc-4bde-ae08-3b353b609f76.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/viewer_protocol_policy_allows_http) ### Description diff --git a/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md b/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md index 7380f85fe28..bce91dc8d72 100644 --- a/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md +++ b/docs/queries/ansible-queries/aws/a8b0c58b-cd25-4b53-9ad0-55bca0be0bc1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ec2_instance_has_public_ip) ### Description diff --git a/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md b/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md index f14ee6047c5..4fd649babf3 100644 --- a/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md +++ b/docs/queries/ansible-queries/aws/af167837-9636-4086-b815-c239186b9dda.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa) ### Description diff --git a/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md b/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md index 472590291ec..91a67ae730b 100644 --- a/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md +++ b/docs/queries/ansible-queries/aws/af96d737-0818-4162-8c41-40d969bd65d1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cmk_rotation_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md b/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md index b2f22f5c7d4..00081121956 100644 --- a/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md +++ b/docs/queries/ansible-queries/aws/b16cdb37-ce15-4ab2-8401-d42b05d123fc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_configured_authorizer) ### Description diff --git a/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md b/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md index 6e37557282b..fed83f7f717 100644 --- a/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md +++ b/docs/queries/ansible-queries/aws/b25398a2-0625-4e61-8e4d-a1bb23905bf6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cdn_configuration_is_missing) ### Description diff --git a/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md b/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md index 8014ee21371..29e37febcec 100644 --- a/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md +++ b/docs/queries/ansible-queries/aws/b47b98ab-e481-4a82-8bb1-1ab39fd36e33.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_ssl_certificate) ### Description diff --git a/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md b/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md index 590d69b0bb3..7f0a894cf4e 100644 --- a/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md +++ b/docs/queries/ansible-queries/aws/b5ed026d-a772-4f07-97f9-664ba0b116f8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policy_grants_full_permissions) ### Description diff --git a/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md b/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md index 81c1afdbcbb..6be89ff9cfb 100644 --- a/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md +++ b/docs/queries/ansible-queries/aws/b8a9852c-9943-4973-b8d5-77dae9352851.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_without_tags) ### Description diff --git a/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md b/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md index 4ff7e46d752..02c53f91d41 100644 --- a/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md +++ b/docs/queries/ansible-queries/aws/babdedcf-d859-43da-9a7b-6d72e661a8fd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_role_allows_all_principals_to_assume) ### Description diff --git a/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md b/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md index 6360e153edb..03dfd45de4e 100644 --- a/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md +++ b/docs/queries/ansible-queries/aws/bd77554e-f138-40c5-91b2-2a09f878608e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/efs_without_kms) ### Description diff --git a/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md b/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md index 090f1c5d8cc..21bdca4a37b 100644 --- a/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md +++ b/docs/queries/ansible-queries/aws/c09e3ca5-f08a-4717-9c87-3919c5e6d209.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_db_instance_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md b/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md index ff509ed3844..63f8ed47d56 100644 --- a/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md +++ b/docs/queries/ansible-queries/aws/c09f4d3e-27d2-4d46-9453-abbe9687a64e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/user_data_contains_encoded_private_key) ### Description diff --git a/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md b/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md index e051e326759..2a2bb327181 100644 --- a/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md +++ b/docs/queries/ansible-queries/aws/c2f15af3-66a0-4176-a56e-e4711e502e5c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/hardcoded_aws_access_key) ### Description diff --git a/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md b/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md index 381afb28d65..c778bbe8a23 100644 --- a/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md +++ b/docs/queries/ansible-queries/aws/c3b9f7b0-f5a0-49ec-9cbc-f1e346b7274d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md b/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md index 824bc83aae3..d35e715a938 100644 --- a/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md +++ b/docs/queries/ansible-queries/aws/c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_with_public_access) ### Description diff --git a/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md b/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md index 4e727f9aa7a..a6c83b57102 100644 --- a/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md +++ b/docs/queries/ansible-queries/aws/d0c13053-d2c8-44a6-95da-d592996e9e67.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_without_minimum_protocol_tls_1.2) ### Description diff --git a/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md b/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md index 8eda8aece24..8ae10b91a14 100644 --- a/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md +++ b/docs/queries/ansible-queries/aws/d31cb911-bf5b-4eb6-9fc3-16780c77c7bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudfront_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md b/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md index 963322f1dfe..3ba6c3468e3 100644 --- a/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md +++ b/docs/queries/ansible-queries/aws/d395a950-12ce-4314-a742-ac5a785ab44e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/s3_bucket_allows_list_action_from_all_principals) ### Description diff --git a/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md b/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md index fd70f46c746..fff7896d5a2 100644 --- a/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md +++ b/docs/queries/ansible-queries/aws/d39761d7-94ab-45b0-ab5e-27c44e381d58.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/stack_notifications_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md b/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md index 503078bb279..98c3bde96d8 100644 --- a/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md +++ b/docs/queries/ansible-queries/aws/d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md b/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md index e74c8e77c3d..f7e2d8cdda8 100644 --- a/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md +++ b/docs/queries/ansible-queries/aws/d5ec2080-340a-4259-b885-f833c4ea6a31.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/certificate_rsa_key_bytes_lower_than_256) ### Description diff --git a/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md b/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md index 4375d223cae..fa9a310ef67 100644 --- a/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md +++ b/docs/queries/ansible-queries/aws/d6c2d06f-43c1-488a-9ba1-8d75b40fc62d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/elasticsearch_with_https_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md b/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md index dc2a7fddd00..ee483115e0e 100644 --- a/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md +++ b/docs/queries/ansible-queries/aws/d994585f-defb-4b51-b6d2-c70f020ceb10.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_policy_with_public_access) ### Description diff --git a/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md b/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md index 993bfbec006..686035c56a3 100644 --- a/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md +++ b/docs/queries/ansible-queries/aws/defe5b18-978d-4722-9325-4d1975d3699f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/batch_job_definition_with_privileged_container_properties) ### Description diff --git a/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md b/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md index b284dc1d17f..2e9ce64a718 100644 --- a/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md +++ b/docs/queries/ansible-queries/aws/e01de151-a7bd-4db4-b49b-3c4775a5e881.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/redshift_using_default_port) ### Description diff --git a/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md b/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md index 4bcf8a717c1..f0a1e1ea3c8 100644 --- a/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md +++ b/docs/queries/ansible-queries/aws/e1e7b278-2a8b-49bd-a26e-66a7f70b17eb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_with_sse_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md b/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md index 50671a59079..c846140dc9f 100644 --- a/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md +++ b/docs/queries/ansible-queries/aws/e24e18d9-4c2b-4649-b3d0-18c088145e24.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Info - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudwatch_without_retention_period_specified) ### Description diff --git a/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md b/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md index cd2a8178636..e0cb95be1ec 100644 --- a/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md +++ b/docs/queries/ansible-queries/aws/e28ceb92-d588-4166-aac5-766c8f5b7472.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 620 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/aws_password_policy_with_unchangeable_passwords) ### Description diff --git a/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md b/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md index 9dacb150289..3e3574efa08 100644 --- a/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md +++ b/docs/queries/ansible-queries/aws/e401d614-8026-4f4b-9af9-75d1197461ba.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policies_with_full_privileges) ### Description diff --git a/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md b/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md index fa4cc621b99..4cd07cd73ed 100644 --- a/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md +++ b/docs/queries/ansible-queries/aws/e69890e6-fce5-461d-98ad-cb98318dfc96.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/rds_with_backup_disabled) ### Description diff --git a/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md b/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md index b6b237fbf1c..3df2ebf9c3c 100644 --- a/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md +++ b/docs/queries/ansible-queries/aws/e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/root_account_has_active_access_keys) ### Description diff --git a/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md b/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md index 3bde33af4cf..0e2911240e5 100644 --- a/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md +++ b/docs/queries/ansible-queries/aws/ea0ed1c7-9aef-4464-b7c7-94c762da3640.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/db_security_group_open_to_large_scope) ### Description diff --git a/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md b/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md index 701f5bbe21a..361839fe02b 100644 --- a/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md +++ b/docs/queries/ansible-queries/aws/ea6bc7a6-d696-4dcf-a788-17fa03c17c81.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/security_group_ingress_not_restricted) ### Description diff --git a/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md b/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md index b96e08b286e..daf7882b742 100644 --- a/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md +++ b/docs/queries/ansible-queries/aws/eafe4bc3-1042-4f88-b988-1939e64bf060.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_policies_attached_to_user) ### Description diff --git a/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md b/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md index bf7deb21228..a52f048e4a7 100644 --- a/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md +++ b/docs/queries/ansible-queries/aws/ebb2118a-03bc-4d53-ab43-d8750f5cb8d3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_not_integrated_with_cloudwatch) ### Description diff --git a/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md b/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md index 774799bf2ef..521b4aa0ec1 100644 --- a/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md +++ b/docs/queries/ansible-queries/aws/ed9b3beb-92cf-44d9-a9d2-171eeba569d4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/sqs_policy_allows_all_actions) ### Description diff --git a/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md b/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md index ca1f6093052..c7d198e6ef7 100644 --- a/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md +++ b/docs/queries/ansible-queries/aws/eda7301d-1f3e-47cf-8d4e-976debc64341.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/remote_desktop_port_open) ### Description diff --git a/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md b/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md index a22d92740c8..158d7b9920b 100644 --- a/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md +++ b/docs/queries/ansible-queries/aws/eee107f9-b3d8-45d3-b9c6-43b5a7263ce1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/authentication_without_mfa) ### Description diff --git a/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md b/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md index 4e513aab322..736a09fea73 100644 --- a/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md +++ b/docs/queries/ansible-queries/aws/f2ea6481-1d31-4d40-946a-520dc6321dd7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/kinesis_not_encrypted_with_kms) ### Description diff --git a/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md b/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md index 1c4955a0d71..e02af20822e 100644 --- a/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md +++ b/docs/queries/ansible-queries/aws/f34508b9-f574-4330-b42d-88c44cced645.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/hardcoded_aws_access_key_in_lambda) ### Description diff --git a/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md b/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md index 48c73f2c4a6..7b35d70aac5 100644 --- a/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md +++ b/docs/queries/ansible-queries/aws/f509931b-bbb0-443c-bd9b-10e92ecf2193.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/iam_group_without_users) ### Description diff --git a/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md b/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md index 6b42df84d61..05d5f1e492a 100644 --- a/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md +++ b/docs/queries/ansible-queries/aws/f5587077-3f57-4370-9b4e-4eb5b1bac85b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/cloudtrail_log_files_not_encrypted_with_kms) ### Description diff --git a/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md b/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md index 54b8ca0cebe..75e2e637184 100644 --- a/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md +++ b/docs/queries/ansible-queries/aws/f5c45127-1d28-4b49-a692-0b97da1c3a84.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecs_service_without_running_tasks) ### Description diff --git a/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md b/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md index e07a75da2ce..4722c83658f 100644 --- a/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md +++ b/docs/queries/ansible-queries/aws/f5f38943-664b-4acc-ab11-f292fa10ed0b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/api_gateway_without_waf) ### Description diff --git a/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md b/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md index 8c9fc5ad937..048451e2a03 100644 --- a/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md +++ b/docs/queries/ansible-queries/aws/f81d63d2-c5d7-43a4-a5b5-66717a41c895.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/alb_listening_on_http) ### Description diff --git a/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md b/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md index f99caf299d1..6171f4dbecb 100644 --- a/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md +++ b/docs/queries/ansible-queries/aws/fb5a5df7-6d74-4243-ab82-ff779a958bfd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/ecr_repository_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md b/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md index 3a689353163..4dd06aace3c 100644 --- a/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md +++ b/docs/queries/ansible-queries/aws/fb8f8929-afeb-4c46-99f0-a6cf410f7df4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/vulnerable_default_ssl_certificate) ### Description diff --git a/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md b/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md index dad67c26593..114e6fff846 100644 --- a/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md +++ b/docs/queries/ansible-queries/aws/ffe0fd52-7a8b-4a5c-8fc7-49844418e6c9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/aws/no_stack_policy) ### Description diff --git a/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md b/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md index 53fe46a16bf..890d1b8375f 100644 --- a/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md +++ b/docs/queries/ansible-queries/azure/0461b4fd-21ef-4687-929e-484ee4796785.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/log_retention_is_not_set) ### Description diff --git a/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md b/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md index b65e5ed4bd7..e090ef56e3c 100644 --- a/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md +++ b/docs/queries/ansible-queries/azure/054d07b5-941b-4c28-8eef-18989dc62323.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_log_disconnections_not_set) ### Description diff --git a/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md b/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md index a4642cdeb48..390775342ad 100644 --- a/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md +++ b/docs/queries/ansible-queries/azure/0632d0db-9190-450a-8bb3-c283bffea445.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md b/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md index 84c6e7d2ece..1f7dd55701a 100644 --- a/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md +++ b/docs/queries/ansible-queries/azure/0ac9abbc-6d7a-41cf-af23-2e57ddb3dbfc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sensitive_port_is_exposed_to_entire_network) ### Description diff --git a/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md b/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md index 6a682889852..857a7f95803 100644 --- a/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md +++ b/docs/queries/ansible-queries/azure/0d0c12b9-edce-4510-9065-13f6a758750c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_entirely_accessible) ### Description diff --git a/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md b/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md index 8b5199d0be4..07c0cd2945b 100644 --- a/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md +++ b/docs/queries/ansible-queries/azure/149fa56c-4404-4f90-9e25-d34b676d5b39.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_rbac_disabled) ### Description diff --git a/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md b/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md index 54fbf387d3c..945a26f5a17 100644 --- a/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md +++ b/docs/queries/ansible-queries/azure/1bc398a8-d274-47de-a4c8-6ac867b353de.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/trusted_microsoft_services_not_enabled) ### Description diff --git a/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md b/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md index 7c820d88fe1..b9450ff85d7 100644 --- a/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md +++ b/docs/queries/ansible-queries/azure/1e5f5307-3e01-438d-8da6-985307ed25ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/vm_not_attached_to_network) ### Description diff --git a/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md b/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md index 25c6c3d0100..a0ced1c885d 100644 --- a/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md +++ b/docs/queries/ansible-queries/azure/23a4dc83-4959-4d99-8056-8e051a82bc1e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/cosmosdb_account_without_tags) ### Description diff --git a/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md b/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md index 25e095f3a31..d7e0afb35e0 100644 --- a/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md +++ b/docs/queries/ansible-queries/azure/29f35127-98e6-43af-8ec1-201b79f99604.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/admin_user_enabled_for_container_registry) ### Description diff --git a/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md b/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md index a9ae82e1496..56345beedaa 100644 --- a/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md +++ b/docs/queries/ansible-queries/azure/2a901825-0f3b-4655-a0fe-e0470e50f8e6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/mysql_ssl_connection_disabled) ### Description diff --git a/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md b/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md index 929127a6355..327ce03bd10 100644 --- a/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md +++ b/docs/queries/ansible-queries/azure/2c99a474-2a3c-4c17-8294-53ffa5ed0522.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_account_not_forcing_https) ### Description diff --git a/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md b/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md index 5fa18c2ecf5..a3adc3f4536 100644 --- a/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md +++ b/docs/queries/ansible-queries/azure/2fc5ab5a-c5eb-4ae4-b687-0f16fe77c255.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/waf_is_disabled_for_azure_application_gateway) ### Description diff --git a/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md b/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md index c3c7881d870..00e9f93fd6c 100644 --- a/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md +++ b/docs/queries/ansible-queries/azure/35e2f133-a395-40de-a79d-b260d973d1bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/public_storage_account) ### Description diff --git a/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md b/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md index b155b5ce867..043b01c8811 100644 --- a/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md +++ b/docs/queries/ansible-queries/azure/37fafbea-dedb-4e0d-852e-d16ee0589326.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 345 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/small_activity_log_retention_period) ### Description diff --git a/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md b/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md index efb7b90535b..eb7852ec1c4 100644 --- a/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md +++ b/docs/queries/ansible-queries/azure/3f23c96c-f9f5-488d-9b17-605b8da5842f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/unrestricted_sql_server_acess) ### Description diff --git a/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md b/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md index 73979050dda..a476aa07883 100644 --- a/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md +++ b/docs/queries/ansible-queries/azure/4d3817db-dd35-4de4-a80d-3867157e7f7f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_container_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md b/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md index 2a3780bfaa5..a92fb94b0e7 100644 --- a/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md +++ b/docs/queries/ansible-queries/azure/530e8291-2f22-4bab-b7ea-306f1bc2a308.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_predictable_active_directory_admin_account_name) ### Description diff --git a/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md b/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md index 219090a1f44..19299848d7e 100644 --- a/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md +++ b/docs/queries/ansible-queries/azure/581dae78-307d-45d5-aae4-fe2b0db267a5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 639 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/azure_container_registry_with_no_locks) ### Description diff --git a/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md b/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md index f82ff7ebb68..8c9648fa9b0 100644 --- a/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md +++ b/docs/queries/ansible-queries/azure/5c80db8e-03f5-43a2-b4af-1f3f87018157.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/role_definition_allows_custom_role_creation) ### Description diff --git a/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md b/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md index c925709d80f..d93690df661 100644 --- a/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md +++ b/docs/queries/ansible-queries/azure/663062e9-473d-4e87-99bc-6f3684b3df40.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_predictable_admin_account_name) ### Description diff --git a/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md b/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md index 20796881a95..ca480d40681 100644 --- a/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md +++ b/docs/queries/ansible-queries/azure/69f72007-502e-457b-bd2d-5012e31ac049.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/firewall_rule_allows_too_many_hosts_to_access_redis_cache) ### Description diff --git a/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md b/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md index 48216b6fd8c..dfe774d2207 100644 --- a/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md +++ b/docs/queries/ansible-queries/azure/729ebb15-8060-40f7-9017-cb72676a5487.md @@ -20,8 +20,8 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_duration_not_set) +- **CWE:** 20 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_log_duration_not_set) ### Description Make sure that for PostgreSQL Database, server parameter 'log_duration' is set to 'ON'
diff --git a/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md b/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md index 2236d7e2c38..913babf688a 100644 --- a/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md +++ b/docs/queries/ansible-queries/azure/7ab33ac0-e4a3-418f-a673-50da4e34df21.md @@ -20,8 +20,8 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_checkpoints_disabled) +- **CWE:** 20 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_log_checkpoints_disabled) ### Description Make sure that for Postgre SQL Database Server, parameter 'log_checkpoints' is set to 'ON'
diff --git a/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md b/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md index 01bfa3c78b6..0aceeee3cf4 100644 --- a/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md +++ b/docs/queries/ansible-queries/azure/7b47138f-ec0e-47dc-8516-e7728fe3cc17.md @@ -20,8 +20,8 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_log_connections_not_set) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_log_connections_not_set) ### Description Make sure that for PostgreSQL Database, server parameter 'log_connections' is set to 'ON'
diff --git a/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md b/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md index 7c88175a664..e71b00bd518 100644 --- a/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md +++ b/docs/queries/ansible-queries/azure/869e7fb4-30f0-4bdb-b360-ad548f337f2f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/redis_cache_allows_non_ssl_connections) ### Description diff --git a/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md b/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md index be8676020ca..9709c380473 100644 --- a/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md +++ b/docs/queries/ansible-queries/azure/881696a8-68c5-4073-85bc-7c38a3deb854.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 451 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/key_vault_soft_delete_is_disabled) ### Description diff --git a/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md b/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md index abe188d552c..21e792d1502 100644 --- a/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md +++ b/docs/queries/ansible-queries/azure/89f84a1e-75f8-47c5-83b5-bee8e2de4168.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/monitoring_log_profile_without_all_activities) ### Description diff --git a/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md b/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md index 58c287740c3..8be77cc2929 100644 --- a/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md +++ b/docs/queries/ansible-queries/azure/8c3bedf1-c570-4c3b-b414-d068cd39a00c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_network_policy_misconfigured) ### Description diff --git a/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md b/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md index ddc56e420b1..3549acd1085 100644 --- a/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md +++ b/docs/queries/ansible-queries/azure/961ce567-a16d-4d7d-9027-f0ec2628a555.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/ssl_enforce_is_disabled) ### Description diff --git a/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md b/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md index f4887b21815..e691d306b11 100644 --- a/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md +++ b/docs/queries/ansible-queries/azure/a9becca7-892a-4af7-b9e1-44bf20a4cd9a.md @@ -20,8 +20,8 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgre_sql_server_without_connection_throttling) +- **CWE:** 770 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/postgresql_server_without_connection_throttling) ### Description Ensure that Connection Throttling is set for the PostgreSQL server
diff --git a/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md b/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md index a83d12f623b..ff94f777138 100644 --- a/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md +++ b/docs/queries/ansible-queries/azure/b176e927-bbe2-44a6-a9c3-041417137e5f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/ad_admin_not_configured_for_sql_server) ### Description diff --git a/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md b/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md index 9975497870f..dc2e2317941 100644 --- a/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md +++ b/docs/queries/ansible-queries/azure/c62746cf-92d5-4649-9acf-7d48d086f2ee.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/storage_account_not_using_latest_tls_encryption_version) ### Description diff --git a/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md b/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md index d299b03a53e..77a71dac1bc 100644 --- a/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md +++ b/docs/queries/ansible-queries/azure/ca4df748-613a-4fbf-9c76-f02cbd580307.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/default_azure_storage_account_network_access_is_too_permissive) ### Description diff --git a/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md b/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md index 0727a6cdf1d..8a91c24363e 100644 --- a/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md +++ b/docs/queries/ansible-queries/azure/d5e83b32-56dd-4247-8c2e-074f43b38a5e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/aks_monitoring_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md b/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md index c751c04e109..d4bd774f280 100644 --- a/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md +++ b/docs/queries/ansible-queries/azure/da4f2739-174f-4cdd-b9ef-dc3f14b5931f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/security_group_is_not_configured) ### Description diff --git a/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md b/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md index 5d79e62a679..e17f0294afa 100644 --- a/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md +++ b/docs/queries/ansible-queries/azure/e2d834b7-8b25-4935-af53-4a60668dcbe0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/azure_instance_using_basic_authentication) ### Description diff --git a/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md b/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md index 5728073b1c0..f19f5c1d7a5 100644 --- a/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md +++ b/docs/queries/ansible-queries/azure/e8c80448-31d8-4755-85fc-6dbab69c2717.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/cosmosdb_account_ip_range_filter_not_set) ### Description diff --git a/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md b/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md index fb6abf57b72..578b87792df 100644 --- a/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md +++ b/docs/queries/ansible-queries/azure/eb8c2560-8bee-4248-9d0d-e80c8641dd91.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/web_app_accepting_traffic_other_than_https) ### Description diff --git a/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md b/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md index a9ebfe74e89..d05d2a92fce 100644 --- a/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md +++ b/docs/queries/ansible-queries/azure/f4e9ff70-0f3b-4c50-a713-26cbe7ec4039.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/azure/sql_server_ingress_from_any_ip) ### Description diff --git a/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md b/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md index f090f5dd827..800eed59404 100644 --- a/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md +++ b/docs/queries/ansible-queries/c05e2c20-0a2c-4686-b1f8-5f0a5612d4e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 706 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/general/unpinned_package_version) ### Description diff --git a/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md b/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md index 7ef6d0c351a..1415b09eb1b 100644 --- a/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md +++ b/docs/queries/ansible-queries/c6473dae-8477-4119-88b7-b909b435ce7b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/logging_of_sensitive_data) ### Description diff --git a/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md b/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md index 17c16f7c1ac..a3d8357073f 100644 --- a/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md +++ b/docs/queries/ansible-queries/d7dc9350-74bc-485b-8c85-fed22d276c43.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/config/communication_over_http) ### Description diff --git a/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md b/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md index c6281b92567..a14fe7e4d21 100644 --- a/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md +++ b/docs/queries/ansible-queries/gcp/086031e1-9d4a-4249-acb3-5bfe4c363db2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_anonymous_or_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md b/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md index 2ed403d9d9b..fa63e69ab54 100644 --- a/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md +++ b/docs/queries/ansible-queries/gcp/092bae86-6105-4802-99d2-99cd7e7431f3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/disk_encryption_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md b/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md index f85e50c5e2f..f81f8b79181 100644 --- a/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md +++ b/docs/queries/ansible-queries/gcp/099b4411-d11e-4537-a0fc-146b19762a79.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances) ### Description diff --git a/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md b/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md index 7d1ceb1c35c..6557d93011f 100644 --- a/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md +++ b/docs/queries/ansible-queries/gcp/0c82eae2-aca0-401f-93e4-fb37a0f9e5e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_backup_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md b/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md index 04acf183b40..1d9deb853c7 100644 --- a/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md +++ b/docs/queries/ansible-queries/gcp/11bd3554-cd56-4257-8e25-7aaf30cf8f5f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ip_forwarding_enabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md b/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md index 6d69873068b..bfe0fc1efcc 100644 --- a/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md +++ b/docs/queries/ansible-queries/gcp/18d3a83d-4414-49dc-90ea-f0387b2856cc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/shielded_vm_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md b/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md index ca0cb99c398..0268798be14 100644 --- a/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md +++ b/docs/queries/ansible-queries/gcp/19c9e2a0-fc33-4264-bba1-e3682661e8f7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/stackdriver_logging_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md b/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md index 0b0bdb3473e..b5d9098ef60 100644 --- a/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md +++ b/docs/queries/ansible-queries/gcp/20180133-a0d0-4745-bfe0-94049fbb12a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/client_certificate_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md b/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md index 514fcbebb6d..11659e79e84 100644 --- a/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md +++ b/docs/queries/ansible-queries/gcp/20dcd953-a8b8-4892-9026-9afa6d05a525.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/stackdriver_monitoring_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md b/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md index 838bf9e780c..8bfdb9f8dcf 100644 --- a/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md +++ b/docs/queries/ansible-queries/gcp/2263b286-2fe9-4747-a0ae-8b4768a2bbd2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/bigquery_dataset_is_public) ### Description diff --git a/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md b/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md index e92735a5e51..913c656be13 100644 --- a/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md +++ b/docs/queries/ansible-queries/gcp/2775e169-e708-42a9-9305-b58aadd2c4dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/using_default_service_account) ### Description diff --git a/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md b/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md index b4638b6bc3e..815375ff909 100644 --- a/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md +++ b/docs/queries/ansible-queries/gcp/28a757fc-3d8f-424a-90c0-4233363b2711.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_misconfigured_log_messages_flag) ### Description diff --git a/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md b/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md index 5f69272e30c..5e71373ac69 100644 --- a/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md +++ b/docs/queries/ansible-queries/gcp/29b8224a-60e9-4011-8ac2-7916a659841f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_default_firewall_rule) ### Description diff --git a/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md b/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md index 37b9915a729..ad7c097c425 100644 --- a/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md +++ b/docs/queries/ansible-queries/gcp/300a9964-b086-41f7-9378-b6de3ba1c32b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_legacy_authorization_enabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md b/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md index c202cc89d52..58459d6ffa7 100644 --- a/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md +++ b/docs/queries/ansible-queries/gcp/344bf8ab-9308-462b-a6b2-697432e40ba1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_basic_authentication_enabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md b/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md index 3eb3596ff13..7d0f4f46b18 100644 --- a/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md +++ b/docs/queries/ansible-queries/gcp/3602d273-3290-47b2-80fa-720162b1a8af.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_firewall_rule_allows_all_ports) ### Description diff --git a/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md b/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md index 186a12ad635..3441f3b5c87 100644 --- a/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md +++ b/docs/queries/ansible-queries/gcp/3b30e3d6-c99b-4318-b38f-b99db74578b5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/private_cluster_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md b/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md index 566fb82d59b..31ea61815f7 100644 --- a/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md +++ b/docs/queries/ansible-queries/gcp/507df964-ad97-4035-ab14-94a82eabdfdd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_bucket_logging_not_enabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md b/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md index 151db403e09..c08103f311c 100644 --- a/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md +++ b/docs/queries/ansible-queries/gcp/66dae697-507b-4aef-be18-eec5bd707f33.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/oslogin_is_disabled_for_vm_instance) ### Description diff --git a/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md b/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md index d0253ef6911..83186e713be 100644 --- a/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md +++ b/docs/queries/ansible-queries/gcp/6a4080ae-79bd-42f6-a924-8f534c1c018b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_subnetwork_with_private_google_access_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md b/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md index 4ebeec1f946..149693d32dd 100644 --- a/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md +++ b/docs/queries/ansible-queries/gcp/6cf4c3a7-ceb0-4475-8892-3745b84be24a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/dnssec_using_rsasha1) ### Description diff --git a/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md b/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md index 424249ee9aa..32eed9f3689 100644 --- a/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md +++ b/docs/queries/ansible-queries/gcp/6d34aff3-fdd2-460c-8190-756a3b4969e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_sql_instance_with_contained_database_authentication_on) ### Description diff --git a/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md b/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md index 7e36bde84ba..72238e8af5f 100644 --- a/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md +++ b/docs/queries/ansible-queries/gcp/7289eebd-a477-4064-8ad4-3c044bd70b00.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_network_using_firewall_allows_port_range) ### Description diff --git a/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md b/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md index 6699370de39..e57876328a4 100644 --- a/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md +++ b/docs/queries/ansible-queries/gcp/75418eb9-39ec-465f-913c-6f2b6a80dc77.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/rdp_access_is_not_restricted) ### Description diff --git a/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md b/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md index bd2a31ba8c0..eb0b5690bb7 100644 --- a/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md +++ b/docs/queries/ansible-queries/gcp/7814ddda-e758-4a56-8be3-289a81ded929.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_storage_bucket_versioning_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md b/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md index c6d76989414..8ea5b613c3f 100644 --- a/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md +++ b/docs/queries/ansible-queries/gcp/7d7054c0-3a52-4e9b-b9ff-cbfe16a2378b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md b/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md index 26c14e8dc4a..705ef5413c0 100644 --- a/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md +++ b/docs/queries/ansible-queries/gcp/80b15fb1-6207-40f4-a803-6915ae619a03.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 350 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_dns_without_dnnsec) ### Description diff --git a/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md b/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md index 729e4d25a73..57e8edabf46 100644 --- a/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md +++ b/docs/queries/ansible-queries/gcp/829f1c60-2bab-44c6-8a21-5cd9d39a2c82.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/compute_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md b/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md index 53bb817f9ea..93f87cc8fb4 100644 --- a/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md +++ b/docs/queries/ansible-queries/gcp/89afe3f0-4681-4ce3-89ed-896cebd4277c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_log_checkpoints_flag_not_set_to_on) ### Description diff --git a/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md b/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md index f102acc7220..1fc0ca1dd41 100644 --- a/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md +++ b/docs/queries/ansible-queries/gcp/98e04ca0-34f5-4c74-8fec-d2e611ce2790.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/network_policy_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md b/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md index 75d1ece9e14..b08c79c491b 100644 --- a/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md +++ b/docs/queries/ansible-queries/gcp/9df7f78f-ebe3-432e-ac3b-b67189c15518.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cluster_master_authentication_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md b/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md index 3e7a55c7f33..4ea8744173b 100644 --- a/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md +++ b/docs/queries/ansible-queries/gcp/9e0c33ed-97f3-4ed6-8be9-bcbf3f65439f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cloud_sql_instance_with_cross_db_ownership_chaining_on) ### Description diff --git a/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md b/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md index 652a70bd6f6..59c8bbe00c6 100644 --- a/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md +++ b/docs/queries/ansible-queries/gcp/a7b520bb-2509-4fb0-be05-bc38f54c7a4c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/mysql_instance_with_local_infile_on) ### Description diff --git a/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md b/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md index b99ca2952bc..f22b51f63d2 100644 --- a/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md +++ b/docs/queries/ansible-queries/gcp/aed98a2a-e680-497a-8886-277cea0f4514.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_misconfigured_logging_duration_flag) ### Description diff --git a/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md b/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md index 6e5b2bfe276..b2d27ac02b3 100644 --- a/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md +++ b/docs/queries/ansible-queries/gcp/b28bcd2f-c309-490e-ab7c-35fc4023eb26.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_compute_ssl_policy_weak_cipher_in_use) ### Description diff --git a/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md b/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md index 711c32e6882..1db0e4c97dd 100644 --- a/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md +++ b/docs/queries/ansible-queries/gcp/b2fbf1df-76dd-4d78-a6c0-e538f4a9b016.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ssh_access_is_not_restricted) ### Description diff --git a/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md b/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md index fe724981669..60e2cb32722 100644 --- a/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md +++ b/docs/queries/ansible-queries/gcp/bc20bbc6-0697-4568-9a73-85af1dd97bdd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/vm_with_full_cloud_access) ### Description diff --git a/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md b/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md index e9177793276..8ca7e77e344 100644 --- a/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md +++ b/docs/queries/ansible-queries/gcp/be41f891-96b1-4b9d-b74f-b922a918c778.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1021 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cos_node_image_not_used) ### Description diff --git a/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md b/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md index 6950b384f24..f80e1e4deec 100644 --- a/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md +++ b/docs/queries/ansible-queries/gcp/c6fc6f29-dc04-46b6-99ba-683c01aff350.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/serial_ports_enabled_for_vm_instances) ### Description diff --git a/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md b/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md index 1aeb150befc..bd76ce6a1c3 100644 --- a/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md +++ b/docs/queries/ansible-queries/gcp/d0f7da39-a2d5-4c78-bb85-4b7f338b3cbb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/sql_db_instance_with_ssl_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md b/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md index 38508269305..42d119b4788 100644 --- a/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md +++ b/docs/queries/ansible-queries/gcp/d43366c5-80b0-45de-bbe8-2338f4ab0a83.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_master_authorized_networks_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md b/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md index 5598a6f386d..96a5c2b79aa 100644 --- a/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md +++ b/docs/queries/ansible-queries/gcp/d58c6f24-3763-4269-9f5b-86b2569a003b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/google_container_node_pool_auto_repair_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md b/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md index a077d198f57..d42debcbcc8 100644 --- a/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md +++ b/docs/queries/ansible-queries/gcp/d6e10477-2e19-4bcd-b8a8-19c65b89ccdf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/node_auto_upgrade_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md b/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md index f7c002c4635..df1ac0f4c3c 100644 --- a/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md +++ b/docs/queries/ansible-queries/gcp/d6fae5b6-ada9-46c0-8b36-3108a2a2f77b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_logging_of_temporary_files_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md b/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md index 5fb5d325db0..04c0f5cfa1f 100644 --- a/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md +++ b/docs/queries/ansible-queries/gcp/d7a5616f-0a3f-4d43-bc2b-29d1a183e317.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/postgresql_log_connections_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md b/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md index 0b0b5f8a0a3..c4ec9d25c0a 100644 --- a/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md +++ b/docs/queries/ansible-queries/gcp/dc126833-125a-40fb-905a-ce5f2afde240.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/gke_using_default_service_account) ### Description diff --git a/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md b/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md index f5b0eace682..820cac03ef5 100644 --- a/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md +++ b/docs/queries/ansible-queries/gcp/ed672a9f-fbf0-44d8-a47d-779501b0db05.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/ip_aliasing_disabled) ### Description diff --git a/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md b/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md index 50a77cacede..063bf616b91 100644 --- a/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md +++ b/docs/queries/ansible-queries/gcp/f9b7086b-deb8-4034-9330-d7fd38f1b8de.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 325 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/high_google_kms_crypto_key_rotation_period) ### Description diff --git a/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md b/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md index 64ef7cb7127..cc4e3ed9a42 100644 --- a/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md +++ b/docs/queries/ansible-queries/gcp/fbe9b2d0-a2b7-47a1-a534-03775f3013f7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Ansible - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/ansible/gcp/cluster_labels_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries.md b/docs/queries/azureresourcemanager-queries.md index ce25e03fdf3..d25cda2679a 100644 --- a/docs/queries/azureresourcemanager-queries.md +++ b/docs/queries/azureresourcemanager-queries.md @@ -22,10 +22,10 @@ This page contains all queries from AzureResourceManager. |Website Not Forcing HTTPS
488847ff-6031-487c-bf42-98fd6ac5c9a0|Medium|Insecure Configurations|Query details
Documentation
| |MySQL Server SSL Enforcement Disabled
90120147-f2e7-4fda-bb21-6fa9109afd63|Medium|Networking and Firewall|Query details
Documentation
| |Network Security Group With Unrestricted Access To SSH
2ade1579-4b2c-4590-bebb-f99bf597f612|Medium|Networking and Firewall|Query details
Documentation
| +|PostgreSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server Log Checkpoints Disabled
f9112910-c7bb-4864-9f5e-2059ba413bb7|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server Log Connections Disabled
e69bda39-e1e2-47ca-b9ee-b6531b23aedd|Medium|Networking and Firewall|Query details
Documentation
| |PostgreSQL Database Server SSL Disabled
bf500309-da53-4dd3-bcf7-95f7974545a5|Medium|Networking and Firewall|Query details
Documentation
| -|PostgresSQL Database Server Connection Throttling Disabled
a6d774b6-d9ea-4bf4-8433-217bf15d2fb8|Medium|Networking and Firewall|Query details
Documentation
| |Trusted Microsoft Services Not Enabled
e25b56cd-a4d6-498f-ab92-e6296a082097|Medium|Networking and Firewall|Query details
Documentation
| |Website with Client Certificate Auth Disabled
92302b47-b0cc-46cb-a28f-5610ecda140b|Medium|Networking and Firewall|Query details
Documentation
| |AKS Logging To Azure Monitoring Is Disabled
9b09dee1-f09b-4013-91d2-158fa4695f4b|Medium|Observability|Query details
Documentation
| diff --git a/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md b/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md index ab2c7ceb4ab..d923ab9c1b8 100644 --- a/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md +++ b/docs/queries/azureresourcemanager-queries/azure/1367dd13-2c90-4020-80b7-e4339a3dc2c4.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_account_allows_unsecure_transfer) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md b/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md index f6b3f29d6cd..8e228b2e87c 100644 --- a/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md +++ b/docs/queries/azureresourcemanager-queries/azure/2081c7d6-2851-4cce-bda5-cb49d462da42.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/standard_price_not_selected) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md b/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md index 0245523be09..031bf124957 100644 --- a/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md +++ b/docs/queries/azureresourcemanager-queries/azure/25684eac-daaa-4c2c-94b4-8d2dbb627909.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/unrecommended_log_profile_retention_policy) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md b/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md index ed3261b7cf5..799006d2123 100644 --- a/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md +++ b/docs/queries/azureresourcemanager-queries/azure/2583fab1-953b-4fae-bd02-4a136a6c21f9.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_with_authorized_ip_ranges_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md b/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md index 81053fbeb26..0c762782148 100644 --- a/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md +++ b/docs/queries/azureresourcemanager-queries/azure/25c0228e-4444-459b-a2df-93c7df40b7ed.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_cluster_network_policy_not_configured) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md b/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md index 4f701de505b..21d4487bd9d 100644 --- a/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md +++ b/docs/queries/azureresourcemanager-queries/azure/2ade1579-4b2c-4590-bebb-f99bf597f612.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/network_security_group_with_unrestricted_access_to_ssh) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md b/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md index 7f1655600ca..4462ec52385 100644 --- a/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md +++ b/docs/queries/azureresourcemanager-queries/azure/350f3955-b5be-436f-afaa-3d2be2fa6cdd.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/azure_managed_disk_without_encryption) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md b/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md index 6b37f8b1e6a..4562d6236ab 100644 --- a/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md +++ b/docs/queries/azureresourcemanager-queries/azure/3e9fcc67-1f64-405f-b2f9-0a6be17598f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/phone_number_not_set_security_contacts) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md b/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md index 00feb549bfc..4972027cf76 100644 --- a/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md +++ b/docs/queries/azureresourcemanager-queries/azure/43f6e60c-9cdb-4e77-864d-a66595d26518.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_logging_for_read_write_delete_requests_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md b/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md index cc0e49af28d..cf7eb20aea5 100644 --- a/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md +++ b/docs/queries/azureresourcemanager-queries/azure/488847ff-6031-487c-bf42-98fd6ac5c9a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_not_forcing_https) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md b/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md index 92f8c9ad646..c74a4e49c42 100644 --- a/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md +++ b/docs/queries/azureresourcemanager-queries/azure/4d2cf896-c053-4be5-9c95-8b4771112f29.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/hardcoded_securestring_parameter_default_value) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md b/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md index 83a0416b2e4..137e86f6d36 100644 --- a/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md +++ b/docs/queries/azureresourcemanager-queries/azure/4d522e7b-f938-4d51-a3b1-974ada528bd3.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/log_profile_incorrect_category) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md b/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md index 2a6572a15fa..71bf1e713a8 100644 --- a/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md +++ b/docs/queries/azureresourcemanager-queries/azure/564b70f8-41cd-4690-aff8-bb53add86bc9.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/unrecommended_network_watcher_flow_log_retention_policy) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md b/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md index a548599238f..49a49aea2c6 100644 --- a/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md +++ b/docs/queries/azureresourcemanager-queries/azure/574e8d82-1db2-4b9c-b526-e320ede9a9ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_with_alerts_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md b/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md index a8fe60ba13c..8b212d39ac1 100644 --- a/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md +++ b/docs/queries/azureresourcemanager-queries/azure/59cb3da7-f206-4ae6-b827-7abf0a9cab9d.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/network_security_group_with_unrestricted_access_to_rdp) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md b/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md index 7c1ddec03db..e28b68832fe 100644 --- a/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md +++ b/docs/queries/azureresourcemanager-queries/azure/6797f581-0433-4768-ae3e-7ceb2f8b138e.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/azure_instance_using_basic_authentication) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md b/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md index 683d2438f05..d843dd0343a 100644 --- a/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md +++ b/docs/queries/azureresourcemanager-queries/azure/6a3201a5-1630-494b-b294-3129d06b0eca.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_database_server_firewall_allows_all_ips) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md b/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md index be238385569..19bd8e1d05a 100644 --- a/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md +++ b/docs/queries/azureresourcemanager-queries/azure/70111098-7f85-48f0-b1b4-e4261cf5f61b.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 757 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_with_http20enabled_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md b/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md index 1545cb481bd..ceaea980b64 100644 --- a/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md +++ b/docs/queries/azureresourcemanager-queries/azure/79c2c2c0-eb00-47c0-ac16-f8b0e2c81c92.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Info - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/email_notifications_set_off) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md b/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md index 3654399050d..1be7b3ea53c 100644 --- a/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md +++ b/docs/queries/azureresourcemanager-queries/azure/7c25f361-7c66-44bf-9b69-022acd5eb4bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 530 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/key_vault_not_recoverable) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md b/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md index f26869da6a5..e189fed135a 100644 --- a/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md +++ b/docs/queries/azureresourcemanager-queries/azure/83130a07-235b-4a80-918b-a370e53f0bd9.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/app_service_authentication_not_set) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md b/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md index 3075eecade2..898b8410016 100644 --- a/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md +++ b/docs/queries/azureresourcemanager-queries/azure/89b79fe5-49bd-4d39-84ce-55f5fc6f7764.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_alert_policy_without_emails) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md b/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md index e28befa00d3..87f08a3d261 100644 --- a/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md +++ b/docs/queries/azureresourcemanager-queries/azure/8fa9ceea-881f-4ef0-b0b8-728f589699a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 266 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/role_definitions_allow_custom_subscription_role_creation) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md b/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md index b66ab8f3c6b..aba2cc3f9c9 100644 --- a/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md +++ b/docs/queries/azureresourcemanager-queries/azure/90120147-f2e7-4fda-bb21-6fa9109afd63.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/mysql_server_ssl_enforcement_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md b/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md index f5beab00df6..25286b9d20e 100644 --- a/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md +++ b/docs/queries/azureresourcemanager-queries/azure/9073f073-5d60-4b46-b569-0d6baa80ed95.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_account_allows_network_default_access) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md b/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md index 7e46948a57d..1802d6ca3b6 100644 --- a/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md +++ b/docs/queries/azureresourcemanager-queries/azure/92302b47-b0cc-46cb-a28f-5610ecda140b.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_with_client_certificate_auth_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md b/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md index ee81a897b07..b292b844bd9 100644 --- a/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md +++ b/docs/queries/azureresourcemanager-queries/azure/9307a2ed-35c2-413d-94de-a1a0682c2158.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_cluster_rbac_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md b/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md index 78c5a1597bd..7d6d0a8f01c 100644 --- a/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md +++ b/docs/queries/azureresourcemanager-queries/azure/9b09dee1-f09b-4013-91d2-158fa4695f4b.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_logging_azure_monitoring_disabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md b/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md index 2a5d3a4ea17..e4cf985636d 100644 --- a/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md +++ b/docs/queries/azureresourcemanager-queries/azure/a0ab985d-660b-41f7-ac81-70957ee8e627.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/storage_blob_service_container_with_public_access) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md b/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md index c2fb6315219..526f2ccccbf 100644 --- a/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md +++ b/docs/queries/azureresourcemanager-queries/azure/a6d774b6-d9ea-4bf4-8433-217bf15d2fb8.md @@ -1,5 +1,5 @@ --- -title: PostgresSQL Database Server Connection Throttling Disabled +title: PostgreSQL Database Server Connection Throttling Disabled hide: toc: true navigation: true @@ -16,12 +16,12 @@ hide: - **Query id:** a6d774b6-d9ea-4bf4-8433-217bf15d2fb8 -- **Query name:** PostgresSQL Database Server Connection Throttling Disabled +- **Query name:** PostgreSQL Database Server Connection Throttling Disabled - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_database_server_connection_throttling_disabled) +- **CWE:** 770 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgresql_database_server_connection_throttling_disabled) ### Description Microsoft.DBforPostgreSQL/servers/configurations should have 'connection_throttling' property set to 'on'
diff --git a/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md b/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md index e5ea3859a92..d76db5cac90 100644 --- a/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md +++ b/docs/queries/azureresourcemanager-queries/azure/a8852cc0-fd4b-4fc7-9372-1e43fad0732e.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/account_admins_not_notified_by_email) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md b/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md index e75eecfef2a..b3f16b99bb4 100644 --- a/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md +++ b/docs/queries/azureresourcemanager-queries/azure/b5c851d5-00f1-43dc-a8de-3218fd6f71be.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 327 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/web_app_not_using_tls_last_version) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md b/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md index 26cc42d7ecc..8396e41f8a0 100644 --- a/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md +++ b/docs/queries/azureresourcemanager-queries/azure/bf500309-da53-4dd3-bcf7-95f7974545a5.md @@ -20,8 +20,8 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_ssl_disabled) +- **CWE:** 732 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgresql_server_ssl_disabled) ### Description Microsoft.DBforPostgreSQL/servers sslEnforcement property should be set to 'Enabled'
diff --git a/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md b/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md index ae44a74caa9..57c1eb4e2da 100644 --- a/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md +++ b/docs/queries/azureresourcemanager-queries/azure/c09cdac2-7670-458a-bf6c-efad6880973a.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_with_low_retention_days) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md b/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md index 0a9fc42bf7d..ad14b6c5b88 100644 --- a/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md +++ b/docs/queries/azureresourcemanager-queries/azure/c62d3b92-9a11-4ffd-b7b7-6faaae83faed.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/aks_dashboard_enabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md b/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md index 7f4eba5f3d5..66d5bb04680 100644 --- a/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md +++ b/docs/queries/azureresourcemanager-queries/azure/cff9c3f7-e8f0-455f-9fb4-5f72326da96e.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 1390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/secret_without_expiration_date) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md b/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md index 8cac05fae70..4a9eb4eda5a 100644 --- a/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md +++ b/docs/queries/azureresourcemanager-queries/azure/d855ced8-6157-448f-9f1d-f05a41d046f7.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/default_azure_storage_account_network_access_is_too_permissive) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md b/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md index aa044aaf46f..d5895196658 100644 --- a/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md +++ b/docs/queries/azureresourcemanager-queries/azure/e055285c-bc01-48b4-8aa5-8a54acdd29df.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/sql_server_database_without_auditing) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md b/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md index 59f6030375f..2e72a21431e 100644 --- a/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md +++ b/docs/queries/azureresourcemanager-queries/azure/e25b56cd-a4d6-498f-ab92-e6296a082097.md @@ -20,7 +20,7 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/trusted_microsoft_services_not_enabled) ### Description diff --git a/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md b/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md index e1c7e87d7f2..c9e0cc4ac1c 100644 --- a/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md +++ b/docs/queries/azureresourcemanager-queries/azure/e69bda39-e1e2-47ca-b9ee-b6531b23aedd.md @@ -20,8 +20,8 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_log_connections_disabled) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgresql_server_log_connections_disabled) ### Description Microsoft.DBforPostgreSQL/servers/configurations should have 'log_connections' property set to 'on'
diff --git a/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md b/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md index 4e167e9f3f0..aa78d527108 100644 --- a/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md +++ b/docs/queries/azureresourcemanager-queries/azure/e9c133e5-c2dd-4b7b-8fff-40f2de367b56.md @@ -20,11 +20,11 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/website_azure_active_directory_disabled) ### Description -WebApp should have Azure Active Directory enabled with 'identity.type' set to 'SystemAssigned' or 'userAssignedIdentities' set to 'true'
+WebApp should have Azure Active Directory enabled with 'identity.type' set to 'SystemAssigned' or 'userAssignedIdentities' set to 'true'
[Documentation](https://docs.microsoft.com/en-us/azure/templates/microsoft.web/2019-08-01/sites?tabs=json#ManagedServiceIdentity) ### Code samples diff --git a/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md b/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md index 9c7e739e805..000606939c6 100644 --- a/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md +++ b/docs/queries/azureresourcemanager-queries/azure/f9112910-c7bb-4864-9f5e-2059ba413bb7.md @@ -20,8 +20,8 @@ hide: - **Platform:** AzureResourceManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgres_sql_server_log_checkpoint_disabled) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/azureResourceManager/postgresql_server_log_checkpoint_disabled) ### Description Microsoft.DBforPostgreSQL/servers/configurations should have 'log_checkpoint' property set to 'on'
diff --git a/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md b/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md index 67c6e918761..f8c38993e85 100644 --- a/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md +++ b/docs/queries/buildah-queries/a1bc27c6-7115-48d8-bf9d-5a7e836845ba.md @@ -20,7 +20,7 @@ hide: - **Platform:** Buildah - **Severity:** Low - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/buildah/run_using_apt) ### Description diff --git a/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md b/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md index 9dea0defeb5..66d1f6b8992 100644 --- a/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md +++ b/docs/queries/cicd-queries/20f14e1a-a899-4e79-9f09-b6a84cd4649b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CICD - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 94 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/run_block_injection) ### Description @@ -205,10 +205,10 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up Go 1.23.x + - name: Set up Go 1.22.x uses: actions/setup-go@v5 with: - go-version: 1.23.x + go-version: 1.22.x - name: Run test metrics script id: testcov run: | diff --git a/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md b/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md index d98694dd9e6..dbde3faa68c 100644 --- a/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md +++ b/docs/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CICD - **Severity:** Low - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/unpinned_actions_full_length_commit_sha) ### Description diff --git a/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md b/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md index b1e1a474c17..13b280b5152 100644 --- a/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md +++ b/docs/queries/cicd-queries/60fd272d-15f4-4d8f-afe4-77d9c6cc0453.md @@ -20,7 +20,7 @@ hide: - **Platform:** CICD - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 78 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/unsecured_commands) ### Description diff --git a/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md b/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md index e5fa17ee7b3..d8f0a206a82 100644 --- a/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md +++ b/docs/queries/cicd-queries/62ff6823-927a-427f-acf9-f1ea2932d616.md @@ -20,7 +20,7 @@ hide: - **Platform:** CICD - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 94 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cicd/github/script_block_injection) ### Description diff --git a/docs/queries/cloudformation-queries.md b/docs/queries/cloudformation-queries.md index a0e078048fb..f743d743ee6 100644 --- a/docs/queries/cloudformation-queries.md +++ b/docs/queries/cloudformation-queries.md @@ -211,7 +211,7 @@ Below are listed queries related to CloudFormation AWS: |IAM Policies Without Groups
5e7acff5-095b-40ac-9073-ac2e4ad8a512|Low|Best Practices|Query details
Documentation
| |Lambda Permission Misconfigured
9b83114b-b2a1-4534-990d-06da015e47aa|Low|Best Practices|Query details
Documentation
| |Security Group Ingress Has CIDR Not Recommended
a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd|Low|Best Practices|Query details
Documentation
| -|DynamoDB With Not Recommented Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|Low|Build Process|Query details
Documentation
| +|DynamoDB With Not Recommended Table Billing Mode
c333e906-8d8b-4275-b999-78b6318f8dc6|Low|Build Process|Query details
Documentation
| |EFS Without Tags
08e39832-5e42-4304-98a0-aa5b43393162|Low|Build Process|Query details
Documentation
| |API Gateway With Invalid Compression
d6653eee-2d4d-4e6a-976f-6794a497999a|Low|Encryption|Query details
Documentation
| |CloudTrail Log Files Not Encrypted With KMS
050a9ba8-d1cb-4c61-a5e8-8805a70d3b85|Low|Encryption|Query details
Documentation
| diff --git a/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md b/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md index ebfe2a9d512..18263f6f40e 100644 --- a/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md +++ b/docs/queries/cloudformation-queries/aws/0104165b-02d5-426f-abc9-91fb48189899.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/db_security_group_open_to_large_scope) ### Description diff --git a/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md b/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md index 5a6087ffb03..9cea15aac4b 100644 --- a/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md +++ b/docs/queries/cloudformation-queries/aws/01986452-bdd8-4aaa-b5df-d6bf61d616ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_service_admin_role_is_present) ### Description diff --git a/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md b/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md index e71bde2d2bf..eebeca80af3 100644 --- a/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md +++ b/docs/queries/cloudformation-queries/aws/01d5a458-a6c4-452a-ac50-054d59275b7c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_with_security_group_without_outbound_rules) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md b/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md index e646ace29f6..0374f320850 100644 --- a/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md +++ b/docs/queries/cloudformation-queries/aws/0264093f-6791-4475-af34-4b8102dcbcd0.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_monitoring_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md b/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md index 5c5495d2426..fb1cdaa0bf7 100644 --- a/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md +++ b/docs/queries/cloudformation-queries/aws/027a4b7a-8a59-4938-a04f-ed532512cf45.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_network_mode_not_recommended) ### Description diff --git a/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md b/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md index 1ad4280a263..6196a23512f 100644 --- a/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md +++ b/docs/queries/cloudformation-queries/aws/03879981-efa2-47a0-a818-c843e1441b88.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_permissive_network_acl_protocols) ### Description diff --git a/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md b/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md index 79cf468de56..f4797ff20ae 100644 --- a/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md +++ b/docs/queries/cloudformation-queries/aws/03b38885-8f4e-480c-a0e4-12c1affd15db.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_oauth_token_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md b/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md index 829e3b5c416..b5f3005645b 100644 --- a/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md +++ b/docs/queries/cloudformation-queries/aws/045ddb54-cfc5-4abb-9e05-e427b2bc96fe.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Info - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 358 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_duplicate_rule) ### Description diff --git a/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md b/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md index 0efb08a7541..2ab744e240e 100644 --- a/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md +++ b/docs/queries/cloudformation-queries/aws/050a9ba8-d1cb-4c61-a5e8-8805a70d3b85.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_log_files_not_encrypted_with_kms) ### Description diff --git a/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md b/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md index 82656b2d6f3..7740a010ed7 100644 --- a/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md +++ b/docs/queries/cloudformation-queries/aws/058ac855-989f-4378-ba4d-52d004020da7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_multi_region_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md b/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md index 5ea0cc574f8..f6061767648 100644 --- a/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md +++ b/docs/queries/cloudformation-queries/aws/06933df4-0ea7-461c-b9b5-104d27390e0e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_with_no_group) ### Description diff --git a/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md b/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md index 712f9f2ec18..cc206893007 100644 --- a/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md +++ b/docs/queries/cloudformation-queries/aws/06adef8c-c284-4de7-aad2-af43b07a8ca1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_login_profile_password_is_in_plaintext) ### Description diff --git a/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md b/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md index bc3fb79e8fa..fdb414ec18f 100644 --- a/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md +++ b/docs/queries/cloudformation-queries/aws/06b9f52a-8cd5-459b-bdc6-21a22521e1be.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/directory_service_microsoft_ad_password_set_to_plaintext_or_default_ref) ### Description diff --git a/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md b/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md index 2d711278bad..2154e26a2f7 100644 --- a/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md +++ b/docs/queries/cloudformation-queries/aws/06ec63e3-9f72-4fe2-a218-2eb9200b8db5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_deployment_without_access_log_setting) ### Description diff --git a/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md b/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md index 50eedca1c0a..9cd8cd64f73 100644 --- a/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md +++ b/docs/queries/cloudformation-queries/aws/07dda8de-d90d-469e-9b37-1aca53526ced.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_or_write_to_all_users) ### Description diff --git a/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md b/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md index e31d56ade6c..e86ad1dadb6 100644 --- a/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md +++ b/docs/queries/cloudformation-queries/aws/086ea2eb-14a6-4fd4-914b-38e0bc8703e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_without_slow_logs) ### Description diff --git a/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md b/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md index 29e0be26635..ba131d75bad 100644 --- a/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md +++ b/docs/queries/cloudformation-queries/aws/08b81bb3-0985-4023-8602-b606ad81d279.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_using_default_security_group) ### Description diff --git a/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md b/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md index d85660205d6..c66db95e7fb 100644 --- a/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md +++ b/docs/queries/cloudformation-queries/aws/08e39832-5e42-4304-98a0-aa5b43393162.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_without_tags) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md b/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md index 5cff2bb28e1..118ce93a5f9 100644 --- a/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md +++ b/docs/queries/cloudformation-queries/aws/0a994e04-c6dc-471d-817e-d37451d18a3b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_access_logging_setting_undefined) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md b/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md index 11eadccdeda..6de9dc2ddbb 100644 --- a/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md +++ b/docs/queries/cloudformation-queries/aws/0b0556ea-9cd9-476f-862e-20679dda752b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/ebs) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md b/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md index 3e805d1f3fa..3d3fdcee808 100644 --- a/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md +++ b/docs/queries/cloudformation-queries/aws/0ce1ba20-8ba8-4364-836f-40c24b8cb0ab.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_broker_is_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md b/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md index 5a2596ddf2b..d08057ad851 100644 --- a/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md +++ b/docs/queries/cloudformation-queries/aws/0e5872b4-19a0-4165-8b2f-56d9e14b909f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_managed_policy_applied_to_a_user) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md b/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md index f88aabdb1cc..bde19b4ecda 100644 --- a/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md +++ b/docs/queries/cloudformation-queries/aws/0f04217d-488f-4e7a-bec8-f16159686cd6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_table_point_in_time_recovery_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md b/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md index dd2cedb2e15..3a37fa5666a 100644 --- a/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md +++ b/docs/queries/cloudformation-queries/aws/0f0fb06b-0f2f-4374-8588-f2c7c348c7a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudwatch_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md b/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md index 3f2da52454a..cbe73187cc1 100644 --- a/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md +++ b/docs/queries/cloudformation-queries/aws/0f139403-303f-467c-96bd-e717e6cfd62d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_without_waf) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md b/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md index d0f5a8ac094..e468f9373e0 100644 --- a/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md +++ b/docs/queries/cloudformation-queries/aws/1056dfbb-5802-4762-bf2b-8b9b9684b1b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_with_open_access) ### Description diff --git a/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md b/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md index d8c198f9bab..ba680b77539 100644 --- a/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md +++ b/docs/queries/cloudformation-queries/aws/105ba098-1e34-48cd-b0f2-a8a43a51bf9b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alb_is_not_integrated_with_waf) ### Description diff --git a/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md b/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md index f5c4f51c642..eded62d490c 100644 --- a/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md +++ b/docs/queries/cloudformation-queries/aws/124b173b-e06d-48a6-8acd-f889443d97a4.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/cassandra) ### Description diff --git a/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md b/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md index 1654c80a6f9..0e46c4311e0 100644 --- a/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md +++ b/docs/queries/cloudformation-queries/aws/12726829-93ed-4d51-9cbe-13423f4299e1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sqs_with_sse_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md b/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md index ab8ee416024..98fed28cb89 100644 --- a/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md +++ b/docs/queries/cloudformation-queries/aws/1819ac03-542b-4026-976b-f37addd59f3b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_not_attached_to_instances) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md b/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md index a6711647b84..8ef85afba37 100644 --- a/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md +++ b/docs/queries/cloudformation-queries/aws/1a427b25-2e9e-4298-9530-0499a55e736b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_with_all_protocols) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md b/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md index 3a1b7fac954..e5f1396f707 100644 --- a/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md +++ b/docs/queries/cloudformation-queries/aws/1b6322d9-c755-4f8c-b804-32c19250f2d9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/config_rule_for_encryption_volumes_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md b/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md index b87990228e5..a8d29ea8926 100644 --- a/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md +++ b/docs/queries/cloudformation-queries/aws/1bf3b3d4-f373-4d7c-afbb-7d85948a67a5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/docdb_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md b/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md index b05995a70d7..d4eceb31f17 100644 --- a/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md +++ b/docs/queries/cloudformation-queries/aws/1c07bfaf-663c-4f6f-b22b-8e2d481e4df5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_rotation_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md b/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md index 2af601eff51..d3d5f95c179 100644 --- a/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md +++ b/docs/queries/cloudformation-queries/aws/1cc2fbd7-816c-4fbf-ad6d-38a4afa4312a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_cidr_open_to_world) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md b/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md index 05dd2c85ac9..64606fa6b76 100644 --- a/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md +++ b/docs/queries/cloudformation-queries/aws/1d6e16f1-5d8a-4379-bfb3-2dadd38ed5a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_permission_principal_is_wildcard) ### Description diff --git a/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md b/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md index 1417dc2dc11..101c91f804e 100644 --- a/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md +++ b/docs/queries/cloudformation-queries/aws/1fe9d958-ddce-4228-a124-05265a959a8b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_using_default_port) ### Description diff --git a/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md b/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md index 35a92f7b1b5..7b1431eeec1 100644 --- a/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md +++ b/docs/queries/cloudformation-queries/aws/209189f3-c879-48a7-9703-fbcfa96d0cef.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/mq) ### Description diff --git a/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md b/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md index 7f744c2e38b..fee354be975 100644 --- a/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md +++ b/docs/queries/cloudformation-queries/aws/219f4c95-aa50-44e0-97de-cf71f4641170.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_all_users) ### Description diff --git a/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md b/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md index 8810c3b76c5..01be7c97f16 100644 --- a/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md +++ b/docs/queries/cloudformation-queries/aws/235ca980-eb71-48f4-9030-df0c371029eb.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_enable_key_rotation_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md b/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md index d13a83e8ca6..cd0222622f4 100644 --- a/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md +++ b/docs/queries/cloudformation-queries/aws/24d932e1-91f0-46ea-836f-fdbd81694151.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/route53_record_undefined) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md b/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md index e111c1e99de..b1071cb0f14 100644 --- a/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md +++ b/docs/queries/cloudformation-queries/aws/2564172f-c92b-4261-9acd-464aed511696.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/hardcoded_aws_access_key_in_lambda) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md b/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md index 8dd0fb725c4..e874a46b494 100644 --- a/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md +++ b/docs/queries/cloudformation-queries/aws/2623d682-dccb-44cd-99d0-54d9fd62f8f2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_ineffective_denied_traffic) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md b/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md index 50604970e1b..36e06959c27 100644 --- a/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md +++ b/docs/queries/cloudformation-queries/aws/2730c169-51d7-4ae7-99b5-584379eff1bb.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/msk) ### Description diff --git a/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md b/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md index 6f47fc5c295..0af61af9ed3 100644 --- a/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md +++ b/docs/queries/cloudformation-queries/aws/275a3217-ca37-40c1-a6cf-bb57d245ab32.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alb_listening_on_http) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md b/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md index 4c5934c9c30..7246dcc0aa8 100644 --- a/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md +++ b/docs/queries/cloudformation-queries/aws/2844c749-bd78-4cd1-90e8-b179df827602.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_is_unusable) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md b/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md index 055587198fc..956a2cb7881 100644 --- a/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md +++ b/docs/queries/cloudformation-queries/aws/2a3560fe-52ca-4443-b34f-bf0ed5eb74c8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_log_file_validation_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md b/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md index 34184a94bd6..29e16f4d87f 100644 --- a/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md +++ b/docs/queries/cloudformation-queries/aws/2b1d4935-9acf-48a7-8466-10d18bf51a69.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_multi_az_deployment_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md b/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md index 1bed5634a90..5bb461d3609 100644 --- a/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md +++ b/docs/queries/cloudformation-queries/aws/2c161e58-cb52-454f-abea-6470c37b5e6e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 459 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_db_instance_with_deletion_protection_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md b/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md index 4dcc5e9f79f..e66fb45e6b3 100644 --- a/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md +++ b/docs/queries/cloudformation-queries/aws/2ff8e83c-90e1-4d68-a300-6d652112e622.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md b/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md index b01d8231040..476098efaeb 100644 --- a/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md +++ b/docs/queries/cloudformation-queries/aws/316278b3-87ac-444c-8f8f-a733a28da60f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amazon_mq_broker_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md b/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md index b5444a5f949..218db2cf389 100644 --- a/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md +++ b/docs/queries/cloudformation-queries/aws/31733ee2-fef0-4e87-9778-65da22a8ecf1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_viewer_protocol_policy_allows_http) ### Description diff --git a/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md b/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md index 7b54041e65e..27ecf3dbbbc 100644 --- a/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md +++ b/docs/queries/cloudformation-queries/aws/323db967-c68e-44e6-916c-a777f95af34b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_using_default_port) ### Description diff --git a/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md b/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md index 1a618be10b5..a962137d087 100644 --- a/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md +++ b/docs/queries/cloudformation-queries/aws/33f41d31-86b1-46a4-81f7-9c9a671f59ac.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecr_image_tag_not_immutable) ### Description diff --git a/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md b/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md index fef6ab20f73..9446893544a 100644 --- a/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md +++ b/docs/queries/cloudformation-queries/aws/350cd468-0e2c-44ef-9d22-cfb73a62523c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_restriction_of_public_bucket) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md b/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md index fde34044c0e..6e8deaf85f2 100644 --- a/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md +++ b/docs/queries/cloudformation-queries/aws/3609d27c-3698-483a-9402-13af6ae80583.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_unsecured_cors_rule) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md b/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md index d3d17e9c0fb..9a36b85eb15 100644 --- a/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md +++ b/docs/queries/cloudformation-queries/aws/3641d5b4-d339-4bc2-bfb9-208fe8d3477f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_method_does_not_contains_an_api_key) ### Description diff --git a/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md b/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md index 0ff7720d2d8..470aaa4fa37 100644 --- a/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md +++ b/docs/queries/cloudformation-queries/aws/37cca703-b74c-48ba-ac81-595b53398e9b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 316 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_cache_encrypted_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md b/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md index 0c27096894a..fe0dba117b2 100644 --- a/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md +++ b/docs/queries/cloudformation-queries/aws/37fa8188-738b-42c8-bf82-6334ea567738.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_should_have_bucket_policy) ### Description diff --git a/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md b/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md index 3eb139a4ad9..0f2d6aa94c3 100644 --- a/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md +++ b/docs/queries/cloudformation-queries/aws/38c64e76-c71e-4d92-a337-60174d1de1c9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_ssl_in_write_actions) ### Description diff --git a/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md b/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md index f7d35250d35..ab64ea32971 100644 --- a/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md +++ b/docs/queries/cloudformation-queries/aws/39423ce4-9011-46cd-b6b1-009edcd9385d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/docdb_cluster_master_password_in_plaintext) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md b/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md index 67c13f7ec31..a6a71019ac6 100644 --- a/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md +++ b/docs/queries/cloudformation-queries/aws/3ae83918-7ec7-4cb8-80db-b91ef0f94002.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_unrestricted_access_to_rdp) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md b/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md index 0942092a6c2..1c756cbe254 100644 --- a/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md +++ b/docs/queries/cloudformation-queries/aws/3b02569b-fc6f-4153-b3a3-ba91022fed68.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_with_disabled_transit_encryption) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md b/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md index 5d2b681e78a..aec6ad8e4f1 100644 --- a/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md +++ b/docs/queries/cloudformation-queries/aws/3b316b05-564c-44a7-9c3f-405bb95e211e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md b/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md index af15ebf7aad..28ea205c57d 100644 --- a/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md +++ b/docs/queries/cloudformation-queries/aws/3b3b4411-ad1f-40e7-b257-a78a6bb9673a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_without_attached_subnet) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md b/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md index 968f4fb5ec0..0dcf5784f16 100644 --- a/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md +++ b/docs/queries/cloudformation-queries/aws/3c3b7a58-b018-4d07-9444-d9ee7156e111.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/alexa_skill_plaintext_client_secret_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md b/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md index b33b556cbaa..d3c2391f421 100644 --- a/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md +++ b/docs/queries/cloudformation-queries/aws/3de2d4ff-fe53-4fc9-95d3-2f8a69bf90d6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_cluster_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md b/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md index 4d1267fb29d..f3e3a9b2269 100644 --- a/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md +++ b/docs/queries/cloudformation-queries/aws/3e09413f-471e-40f3-8626-990c79ae63f3.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined) ### Description diff --git a/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md b/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md index 1affbe2a49e..d839b734b85 100644 --- a/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md +++ b/docs/queries/cloudformation-queries/aws/3e293410-d5b8-411f-85fd-7d26294f20c9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_without_network_firewall) ### Description diff --git a/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md b/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md index 50b3da79dd6..aa66919cb06 100644 --- a/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md +++ b/docs/queries/cloudformation-queries/aws/42e7dca3-8cce-4325-8df0-108888259136.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/sns) ### Description diff --git a/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md b/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md index 885589c778e..caad28617f9 100644 --- a/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md +++ b/docs/queries/cloudformation-queries/aws/43356255-495d-4148-ad8d-f6af5eac09dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/gamelift_fleet_ec2_inbound_permissions_with_port_range) ### Description diff --git a/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md b/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md index 66611ff8367..8dc2b23e137 100644 --- a/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md +++ b/docs/queries/cloudformation-queries/aws/44034eda-1c3f-486a-831d-e09a7dd94354.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_endpoint_config_should_specify_kms_key_id_attribute) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md b/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md index 63af0d939dc..c3d3513f533 100644 --- a/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md +++ b/docs/queries/cloudformation-queries/aws/4552b71f-0a2a-4bc4-92dd-ed7ec1b4674c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md b/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md index 0557b9147e2..14ea8e6590c 100644 --- a/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md +++ b/docs/queries/cloudformation-queries/aws/456b00a3-1072-4149-9740-6b8bb60251b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_restore_actions_from_all_principals) ### Description diff --git a/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md b/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md index 3547e4c0df3..33363bedf4f 100644 --- a/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md +++ b/docs/queries/cloudformation-queries/aws/48677914-6fdf-40ec-80c4-2b0e94079f54.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_user_too_many_access_keys) ### Description diff --git a/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md b/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md index 15c11a47972..59cbc12dcea 100644 --- a/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md +++ b/docs/queries/cloudformation-queries/aws/48af92a5-c89b-4936-bc62-1086fe2bab23.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_cluster_without_security_configuration) ### Description diff --git a/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md b/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md index 55a1b50cc7c..255eedc0f5c 100644 --- a/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md +++ b/docs/queries/cloudformation-queries/aws/48f100d9-f499-4c6d-b2b8-deafe47ffb26.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_public_acl) ### Description diff --git a/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md b/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md index 4b965b3dd5c..e076a5b6164 100644 --- a/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md +++ b/docs/queries/cloudformation-queries/aws/493d9591-6249-47bf-8dc0-5c10161cc558.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_without_vpc_attached) ### Description diff --git a/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md b/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md index 6b3542b5e21..7f3e551f220 100644 --- a/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md +++ b/docs/queries/cloudformation-queries/aws/494b03d3-bf40-4464-8524-7c56ad0700ed.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_sensitive_port_is_publicly_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md b/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md index f9649638526..bad99edf009 100644 --- a/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md +++ b/docs/queries/cloudformation-queries/aws/4a1e6b34-1008-4e61-a5f2-1f7c276f8d14.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unrestricted_security_group_ingress) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md b/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md index 7adea7ab264..f69e55bb33d 100644 --- a/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md +++ b/docs/queries/cloudformation-queries/aws/4a8daf95-709d-4a36-9132-d3e19878fa34.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_endpoint_config_is_not_private) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md b/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md index edb46ae6c25..ba9536bb314 100644 --- a/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md +++ b/docs/queries/cloudformation-queries/aws/4ab10c48-bedb-4deb-8f3b-ff12783b61de.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_xray_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md b/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md index 732b354dc8b..b296068bcc8 100644 --- a/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md +++ b/docs/queries/cloudformation-queries/aws/4ae8af91-5108-42cb-9471-3bdbe596eac9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_all_permissions) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md b/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md index 6e7692140fe..4bc25466f2c 100644 --- a/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md +++ b/docs/queries/cloudformation-queries/aws/4ba74f01-aba5-4be2-83bc-be79ff1a3b92.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_unique_iam_role) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md b/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md index eea43e8a292..cd4fb81907f 100644 --- a/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md +++ b/docs/queries/cloudformation-queries/aws/4bd21e68-38c1-4d58-acdc-6a14b203237f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_table_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md b/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md index 9e58172be6a..b4b93ca0807 100644 --- a/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md +++ b/docs/queries/cloudformation-queries/aws/4c137350-7307-4803-8c04-17c09a7a9fcf.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/root_account_has_active_access_keys) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md b/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md index 628550d262e..0f7cddb94ef 100644 --- a/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md +++ b/docs/queries/cloudformation-queries/aws/4cdc88e6-c0c8-4081-a639-bb3a557cbedf.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_with_https_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md b/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md index e16c0648033..70b5b4dc0e8 100644 --- a/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md +++ b/docs/queries/cloudformation-queries/aws/4d32780f-43a4-424a-a06d-943c543576a5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iot_policy_allows_action_as_wildcard) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md b/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md index df1d119219e..60399ccfc06 100644 --- a/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md +++ b/docs/queries/cloudformation-queries/aws/4e67c0ae-38a0-47f4-a50c-f0c9b75826df.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/dynamo) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md b/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md index 802afbec032..2d9b5850c1c 100644 --- a/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md +++ b/docs/queries/cloudformation-queries/aws/4e88adee-a8eb-4605-a78d-9fb1096e3091.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_associated_with_public_subnet) ### Description diff --git a/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md b/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md index 152e4d45f9e..476a16783b9 100644 --- a/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md +++ b/docs/queries/cloudformation-queries/aws/4f0908b9-eb66-433f-9145-134274e1e944.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/routertable_with_default_routing) ### Description diff --git a/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md b/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md index c9d8188149b..35d2e813e1e 100644 --- a/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md +++ b/docs/queries/cloudformation-queries/aws/52790cad-d60d-41d5-8483-146f9f21208d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_cache_cluster_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md b/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md index 1841762de62..ee792420bb6 100644 --- a/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md +++ b/docs/queries/cloudformation-queries/aws/568cc372-ca64-420d-9015-ee347d00d288.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/user_data_contains_encoded_private_key) ### Description diff --git a/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md b/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md index df0da209cde..4781a545e14 100644 --- a/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md +++ b/docs/queries/cloudformation-queries/aws/57b12981-3816-4c31-b190-a1e614361dd2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/public_lambda_via_api_gateway) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md b/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md index 7e7ebdb8df0..2e649322ce4 100644 --- a/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md +++ b/docs/queries/cloudformation-queries/aws/5864fb39-d719-4182-80e2-89dbe627be63.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amazon_dms_replication_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md b/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md index 06e0ff51ad1..0f861935db6 100644 --- a/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md +++ b/docs/queries/cloudformation-queries/aws/5906092d-5f74-490d-9a03-78febe0f65e1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/github_repository_set_to_public) ### Description diff --git a/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md b/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md index efe679350bd..48e447f5ed2 100644 --- a/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md +++ b/docs/queries/cloudformation-queries/aws/59a849c2-1127-4023-85a5-ef906dcd458c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/sqs) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md b/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md index 43286c70add..43825d0f51f 100644 --- a/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md +++ b/docs/queries/cloudformation-queries/aws/5b033ec8-f079-4323-b5c8-99d4620433a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_security_configuration_encryptions_enabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md b/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md index 80cd528a461..ca2f3b5f097 100644 --- a/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md +++ b/docs/queries/cloudformation-queries/aws/5b48c507-0d1f-41b0-a630-76817c6b4189.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/refresh_token_is_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md b/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md index f3e450424af..19eddccb44f 100644 --- a/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md +++ b/docs/queries/cloudformation-queries/aws/5beacce3-4020-4a3d-9e1d-a36f953df630.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_storage_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md b/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md index daf7e2db63a..0c1d25984a7 100644 --- a/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md +++ b/docs/queries/cloudformation-queries/aws/5c0b06d5-b7a4-484c-aeb0-75a836269ff0.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md b/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md index 4edbfd41285..6efaf9392bb 100644 --- a/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md +++ b/docs/queries/cloudformation-queries/aws/5c666ed9-b586-49ab-9873-c495a833b705.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_without_iam_authentication) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md b/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md index dcf01bf9ce3..cc88c40b019 100644 --- a/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md +++ b/docs/queries/cloudformation-queries/aws/5d3c1807-acb3-4bb0-be4e-0440230feeaf.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudwatch_metrics_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md b/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md index 2bd5be71ae9..7f893cb8ba2 100644 --- a/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md +++ b/docs/queries/cloudformation-queries/aws/5e6c9c68-8a82-408e-8749-ddad78cbb9c5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_rule_without_description) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md b/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md index cda0c32ba26..9b468e0d384 100644 --- a/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md +++ b/docs/queries/cloudformation-queries/aws/5e7acff5-095b-40ac-9073-ac2e4ad8a512.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_without_groups) ### Description diff --git a/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md b/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md index fcc2c932bae..0b479e59c7c 100644 --- a/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md +++ b/docs/queries/cloudformation-queries/aws/5f700072-b7ce-4e84-b3f3-497bf1c24a4d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dms_endpoint_password_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md b/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md index fd4bfbf7838..9c6d2fa66ba 100644 --- a/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md +++ b/docs/queries/cloudformation-queries/aws/60a05ede-0a68-4d0d-a58f-f538cf55ff79.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_cache_cluster_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md b/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md index bfdc1ee230c..497be5ac0b4 100644 --- a/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md +++ b/docs/queries/cloudformation-queries/aws/61a94903-3cd3-4780-88ec-fc918819b9c8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_using_insecure_protocols) ### Description diff --git a/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md b/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md index 72c1e061249..0aae5f8a0cb 100644 --- a/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md +++ b/docs/queries/cloudformation-queries/aws/65844ba3-03a1-40a8-b3dd-919f122e8c95.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_storage_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md b/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md index a77c14173fe..c083e04e272 100644 --- a/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md +++ b/docs/queries/cloudformation-queries/aws/65d07da5-9af5-44df-8983-52d2e6f24c44.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudtrail_not_integrated_with_cloudwatch) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md b/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md index 0e32a972390..500f9adfc4b 100644 --- a/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md +++ b/docs/queries/cloudformation-queries/aws/6685d912-d81f-4cfa-95ad-e316ea31c989.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/directory_service_simple_ad_password_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md b/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md index a06f29f5efc..5b4bd38cd2e 100644 --- a/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md +++ b/docs/queries/cloudformation-queries/aws/66f2d8f9-a911-4ced-ae27-34f09690bb2c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_allows_unrestricted_outbound_traffic) ### Description diff --git a/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md b/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md index cd8a27489b6..12f04b894c6 100644 --- a/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md +++ b/docs/queries/cloudformation-queries/aws/68b6a789-82f8-4cfd-85de-e95332fe6a61.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/mq_broker_is_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md b/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md index c29210de3e6..cee83912cce 100644 --- a/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md +++ b/docs/queries/cloudformation-queries/aws/6b5b0313-771b-4319-ad7a-122ee78700ef.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_endpoint_config_not_private) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md b/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md index 804777a9454..ada2d015d80 100644 --- a/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md +++ b/docs/queries/cloudformation-queries/aws/6c131358-c54d-419b-9dd6-1f7dd41d180c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_cluster_not_encrypted_at_rest) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md b/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md index e7ec9506dbe..21298cdc65b 100644 --- a/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md +++ b/docs/queries/cloudformation-queries/aws/6c8d51af-218d-4bfb-94a9-94eabaa0703a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_ignore_public_acl) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md b/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md index 5a37da6cec4..df9757269ad 100644 --- a/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md +++ b/docs/queries/cloudformation-queries/aws/6d087495-2a42-4735-abf7-02ef5660a7e6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_without_kms) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md b/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md index 3d5ca3adfdb..5348d673860 100644 --- a/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md +++ b/docs/queries/cloudformation-queries/aws/6d64f311-3da6-45f3-80f1-14db9771ea40.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/webacl_allow_defaultaction) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md b/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md index 4f6971aa9b8..4955ed1e919 100644 --- a/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md +++ b/docs/queries/cloudformation-queries/aws/6e856af2-62d7-4ba2-adc1-73b62cef9cc1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_unrestricted_access_to_ssh) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md b/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md index 6a858ca2fdd..8c814ddac6b 100644 --- a/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md +++ b/docs/queries/cloudformation-queries/aws/6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sdb_domain_declared_as_a_resource) ### Description diff --git a/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md b/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md index cbc490ad5e4..99b599acc0e 100644 --- a/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md +++ b/docs/queries/cloudformation-queries/aws/6ef03ff6-a2bd-483c-851f-631f248bc0ea.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/rds) ### Description diff --git a/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md b/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md index ae90cac812b..ba61d48c7ca 100644 --- a/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md +++ b/docs/queries/cloudformation-queries/aws/709e6da6-fa1f-44cc-8f17-7f25f96dadbe.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_data_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md b/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md index 817c7ed4ff5..38db5995550 100644 --- a/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md +++ b/docs/queries/cloudformation-queries/aws/71493c8b-3014-404c-9802-078b74496fb7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_basic_auth_config_password_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md b/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md index 6c409b5b094..23fd3568716 100644 --- a/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md +++ b/docs/queries/cloudformation-queries/aws/73980e43-f399-4fcc-a373-658228f7adf7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_app_access_token_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md b/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md index 14b5997a870..be4ff9d8dc8 100644 --- a/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md +++ b/docs/queries/cloudformation-queries/aws/73d59e76-a12c-4b74-a3d8-d3e1e19c25b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/eks_node_group_remote_access) ### Description diff --git a/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md b/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md index ef6388a7b13..f63d167d223 100644 --- a/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md +++ b/docs/queries/cloudformation-queries/aws/74a18d1a-cf02-4a31-8791-ed0967ad7fdc.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cognito_userpool_without_mfa) ### Description diff --git a/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md b/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md index b4ff349e871..ad0eb010805 100644 --- a/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md +++ b/docs/queries/cloudformation-queries/aws/75be209d-1948-41f6-a8c8-e22dd0121134.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecr_repository_is_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md b/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md index 0bd177f8916..8a3d8f19b40 100644 --- a/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md +++ b/docs/queries/cloudformation-queries/aws/76ddf32c-85b1-4808-8935-7eef8030ab36.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/batch_job_definition_with_privileged_container_properties) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md b/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md index 0f789d84303..a0a150d11e4 100644 --- a/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md +++ b/docs/queries/cloudformation-queries/aws/7772bb8c-c0f3-42d4-8e4e-f1b8939ad085.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_access_to_any_principal) ### Description diff --git a/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md b/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md index 0b779234811..a8b2ad14cce 100644 --- a/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md +++ b/docs/queries/cloudformation-queries/aws/77b6f1e2-bde4-4a6a-ae7e-a40659ff1576.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 385 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_network_acl_overlapping_ports) ### Description diff --git a/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md b/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md index 4984ec0ae7e..f9319653256 100644 --- a/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md +++ b/docs/queries/cloudformation-queries/aws/78055456-f670-4d2e-94d5-392d1cf4f5e4.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_sensitive_port_is_exposed_to_entire_network) ### Description diff --git a/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md b/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md index 41578033cd1..6b4dfdbc660 100644 --- a/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md +++ b/docs/queries/cloudformation-queries/aws/783860a3-6dca-4c8b-81d0-7b62769ccbca.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 770 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated) ### Description diff --git a/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md b/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md index 84e6f668528..2efa2d6b6ae 100644 --- a/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md +++ b/docs/queries/cloudformation-queries/aws/79d745f0-d5f3-46db-9504-bef73e9fd528.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_service_without_running_tasks) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md b/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md index f2532f039ce..3b1c15e9e4c 100644 --- a/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md +++ b/docs/queries/cloudformation-queries/aws/7f384a5f-b5a2-4d84-8ca3-ee0a5247becb.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/empty_roles_for_ecs_cluster_task_definitions) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md b/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md index b7adb608b43..c436b74adc9 100644 --- a/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md +++ b/docs/queries/cloudformation-queries/aws/7f65be75-90ab-4036-8c2a-410aef7bb650.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kinesis_sse_not_configured) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md b/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md index d57f97704a0..89623378369 100644 --- a/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md +++ b/docs/queries/cloudformation-queries/aws/7f8843f0-9ea5-42b4-a02b-753055113195.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/geo_restriction_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md b/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md index fff0c97b46c..f34e60a2b9e 100644 --- a/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md +++ b/docs/queries/cloudformation-queries/aws/7f8f1b60-43df-4c28-aa21-fb836dbd8071.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 770 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_stage_without_api_gateway_usage_plan_associated) ### Description diff --git a/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md b/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md index 43e75cc7ce8..01b3f9185ee 100644 --- a/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md +++ b/docs/queries/cloudformation-queries/aws/7fd0d461-5b8c-4815-898c-f2b4b117eb28.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_configured_authorizer) ### Description diff --git a/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md b/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md index e54f1221e26..59678010aa1 100644 --- a/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md +++ b/docs/queries/cloudformation-queries/aws/800fa019-49dd-421b-9042-7331fdd83fa2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/access_key_not_rotated_within_90_days) ### Description diff --git a/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md b/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md index cfa76d990cd..1f10975740a 100644 --- a/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md +++ b/docs/queries/cloudformation-queries/aws/80908a75-586b-4c61-ab04-490f4f4525b8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_without_secure_protocol) ### Description diff --git a/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md b/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md index bf8c7862def..54f5700e3bc 100644 --- a/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md +++ b/docs/queries/cloudformation-queries/aws/809f77f8-d10e-4842-a84f-3be7b6ff1190.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_using_weak_ciphers) ### Description diff --git a/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md b/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md index 89aa0c7749b..5d0a6748f66 100644 --- a/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md +++ b/docs/queries/cloudformation-queries/aws/80b7ac3f-d2b7-4577-9b10-df7913497162.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md b/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md index 03334dc774d..f72599ea35c 100644 --- a/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md +++ b/docs/queries/cloudformation-queries/aws/80d45af4-4920-4236-a56e-b7ef419d1941.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_access_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md b/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md index f1056fda60a..fea48d26f8a 100644 --- a/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md +++ b/docs/queries/cloudformation-queries/aws/818f38ed-8446-4132-9c03-474d49e10195.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md b/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md index a21659f8f50..27597ea8d1d 100644 --- a/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md +++ b/docs/queries/cloudformation-queries/aws/8275fab0-68ec-4705-bbf4-86975edb170e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_security_policy) ### Description diff --git a/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md b/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md index 22152e78fc2..4983e3145ed 100644 --- a/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md +++ b/docs/queries/cloudformation-queries/aws/829ce3b8-065c-41a3-ad57-e0accfea82d2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unknown_port_exposed_to_internet) ### Description diff --git a/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md b/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md index d71f5d48b83..cc403993b26 100644 --- a/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md +++ b/docs/queries/cloudformation-queries/aws/835d5497-a526-4aea-a23f-98a9afd1635f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_acl_allows_read_to_any_authenticated_user) ### Description diff --git a/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md b/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md index dd72c48b7d3..8c5abe8b79a 100644 --- a/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md +++ b/docs/queries/cloudformation-queries/aws/837e033c-4717-40bd-807e-6abaa30161b7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/stack_notifications_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md b/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md index 9b45c6782ac..84e8e18ccd2 100644 --- a/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md +++ b/docs/queries/cloudformation-queries/aws/85138beb-ce7c-4ca3-a09f-e8fbcc57ddd7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa) ### Description diff --git a/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md b/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md index d0313d9a2a7..460df008337 100644 --- a/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md +++ b/docs/queries/cloudformation-queries/aws/860ba89b-b8de-4e72-af54-d6aee4138a69.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_with_public_policy) ### Description diff --git a/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md b/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md index 57dda9f1660..00b3de9024d 100644 --- a/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md +++ b/docs/queries/cloudformation-queries/aws/86a248ab-0e01-4564-a82a-878303e253bb.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_not_encrypted_at_rest) ### Description diff --git a/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md b/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md index 95d870c8ab6..3f764412e06 100644 --- a/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md +++ b/docs/queries/cloudformation-queries/aws/87482183-a8e7-4e42-a566-7a23ec231c16.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_with_port_range) ### Description diff --git a/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md b/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md index 5b0bbc4490b..92b82c0b26e 100644 --- a/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md +++ b/docs/queries/cloudformation-queries/aws/88d55d94-315d-4564-beee-d2d725feab11.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_enabling_internet_access) ### Description diff --git a/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md b/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md index fc6ccf2db6f..37d8680b601 100644 --- a/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md +++ b/docs/queries/cloudformation-queries/aws/89827c57-5a8a-49eb-9731-976a606d70db.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/workspace_without_encryption) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md b/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md index af3f929c0a0..faf324b2f38 100644 --- a/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md +++ b/docs/queries/cloudformation-queries/aws/8a6d36cd-0bc6-42b7-92c4-67acc8576861.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/instance_with_no_vpc) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md b/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md index d523a5b7f6f..02197eb1e68 100644 --- a/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md +++ b/docs/queries/cloudformation-queries/aws/8c415f6f-7b90-4a27-a44a-51047e1506f9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_with_backup_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md b/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md index 3b59429d9aa..5e429d5b424 100644 --- a/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md +++ b/docs/queries/cloudformation-queries/aws/8d29754a-2a18-460d-a1ba-9509f8d359da.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_access_analyzer_not_enabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md b/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md index 46ea73f1860..c4e63a615d3 100644 --- a/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md +++ b/docs/queries/cloudformation-queries/aws/8dd0ff1f-0da4-48df-9bb3-7f338ae36a40.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_not_ebs_optimized) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md b/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md index ded138c45c7..3b694f1b77e 100644 --- a/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md +++ b/docs/queries/cloudformation-queries/aws/8df8e857-bd59-44fa-9f4c-d77594b95b46.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_function_without_tags) ### Description diff --git a/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md b/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md index cb17548ab5f..41161f95b71 100644 --- a/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md +++ b/docs/queries/cloudformation-queries/aws/8f957abd-9703-413d-87d3-c578950a753c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_group_without_users) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md b/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md index 14e2a3d20bf..9bfa0eeade2 100644 --- a/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md +++ b/docs/queries/cloudformation-queries/aws/9025b2b3-e554-4842-ba87-db7aeec36d35.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/unscanned_ecr_image) ### Description diff --git a/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md b/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md index 945857569fd..bd553a83ff6 100644 --- a/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md +++ b/docs/queries/cloudformation-queries/aws/90501b1b-cded-4cc1-9e8b-206b85cda317.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_static_website_host_enabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md b/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md index a4f011e138e..eb6a3f9a2ce 100644 --- a/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md +++ b/docs/queries/cloudformation-queries/aws/9488c451-074e-4cd3-aee3-7db6104f542c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_without_x-ray_tracing) ### Description diff --git a/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md b/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md index 75727e88e64..ff7a7e74fb4 100644 --- a/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md +++ b/docs/queries/cloudformation-queries/aws/953b3cdb-ce13-428a-aa12-318726506661.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_with_full_privileges) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md b/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md index 68dec5c0c30..45d77e4486e 100644 --- a/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md +++ b/docs/queries/cloudformation-queries/aws/9564406d-e761-4e61-b8d7-5926e3ab8e79.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/db_security_group_with_public_scope) ### Description diff --git a/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md b/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md index 8e2e911fb17..b1946f036f0 100644 --- a/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md +++ b/docs/queries/cloudformation-queries/aws/97e94d17-e2c7-4109-a53b-6536ac1bb64e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_attached_with_too_many_gateways) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md b/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md index 619650bfafb..563d62ad374 100644 --- a/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md +++ b/docs/queries/cloudformation-queries/aws/9b6a3f5b-5fd6-40ee-9bc0-ed604911212d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sqs_policy_with_public_access) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md b/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md index e31d078e7e6..97727c7bea7 100644 --- a/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md +++ b/docs/queries/cloudformation-queries/aws/9b83114b-b2a1-4534-990d-06da015e47aa.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_permission_misconfigured) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md b/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md index 1a1d1248680..97335ac50c3 100644 --- a/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md +++ b/docs/queries/cloudformation-queries/aws/9c7028d9-04c2-45be-b8b2-1188ccaefb36.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sagemaker_notebook_not_placed_in_vpc) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md b/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md index dba5d4e0053..f693050a28a 100644 --- a/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md +++ b/docs/queries/cloudformation-queries/aws/9d13b150-a2ab-42a1-b6f4-142e41f81e52.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_without_kms_master_key_id) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md b/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md index 11a756a077e..e17e03d0d11 100644 --- a/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md +++ b/docs/queries/cloudformation-queries/aws/9e8c89b3-7997-4d15-93e4-7911b9db99fd.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/inline_policies_are_attached_to_ecs_service) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md b/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md index 23a6124c55a..504e16bc256 100644 --- a/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md +++ b/docs/queries/cloudformation-queries/aws/9ecb6b21-18bc-4aa7-bd07-db20f1c746db.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudformation_specifying_credentials_not_safe) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md b/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md index 14435d9ccf7..634d7d0214a 100644 --- a/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md +++ b/docs/queries/cloudformation-queries/aws/9f3cf08e-72a2-4eb1-8007-e3b1b0e10d4d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/config_configuration_aggregator_to_all_regions_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md b/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md index 4d56feaf921..3909a399e04 100644 --- a/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md +++ b/docs/queries/cloudformation-queries/aws/9fcd0a0a-9b6f-4670-a215-d94e6bf3f184.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_database_auth_not_enabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md b/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md index 04b166d3aa5..c5545513009 100644 --- a/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md +++ b/docs/queries/cloudformation-queries/aws/a0ae0a4e-712b-4115-8112-51b9eeed9d69.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_with_full_privileges) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md b/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md index a39467a5a66..00b492647a0 100644 --- a/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md +++ b/docs/queries/cloudformation-queries/aws/a227ec01-f97a-4084-91a4-47b350c1db54.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_versioning) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md b/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md index 3943032e55b..0d93bf1e17f 100644 --- a/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md +++ b/docs/queries/cloudformation-queries/aws/a25cd877-375c-4121-a640-730929936fac.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/guardduty_detector_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md b/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md index e75cb60a025..5585452f4d0 100644 --- a/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md +++ b/docs/queries/cloudformation-queries/aws/a2f2800e-614b-4bc8-89e6-fec8afd24800.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_without_content_encoding) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md b/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md index 8f70ef00f02..ce631c92571 100644 --- a/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md +++ b/docs/queries/cloudformation-queries/aws/a3aa0087-8228-4e7e-b202-dc9036972d02.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/neptune_cluster_with_iam_database_authentication_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md b/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md index 703b598e315..536d4e7926d 100644 --- a/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md +++ b/docs/queries/cloudformation-queries/aws/a3e4e39a-e5fc-4ee9-8cf5-700febfa86dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_ingress_has_cidr_not_recommended) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md b/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md index 2bd2c444c35..ddd42bb3243 100644 --- a/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md +++ b/docs/queries/cloudformation-queries/aws/a478af30-8c3a-404d-aa64-0b673cee509a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_using_default_port) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md b/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md index b468fb2b8d2..871aecae01d 100644 --- a/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md +++ b/docs/queries/cloudformation-queries/aws/a5366a50-932f-4085-896b-41402714a388.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/connection_between_cloudfront_origin_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md b/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md index d2a3fe231f0..e5e30f3ce15 100644 --- a/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md +++ b/docs/queries/cloudformation-queries/aws/a58d1a2d-4078-4b80-855b-84cc3f7f4540.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_groups_inline_policies) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md b/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md index b3d7692eb21..6d548af0753 100644 --- a/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md +++ b/docs/queries/cloudformation-queries/aws/a71ecabe-03b6-456a-b3bc-d1a39aa20c98.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_tags) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md b/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md index 05d36bfdb83..5c9bedb5c8f 100644 --- a/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md +++ b/docs/queries/cloudformation-queries/aws/a7f8ac28-eed1-483d-87c8-4c325f022572.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 526 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_environment_variables_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md b/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md index caec7f64129..139cfe70451 100644 --- a/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md +++ b/docs/queries/cloudformation-queries/aws/a964d6e3-8e1e-4d93-8120-61fa640dd55a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/user_iam_missing_password_reset_required) ### Description diff --git a/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md b/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md index 5c727bd23c6..535b81fe25f 100644 --- a/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md +++ b/docs/queries/cloudformation-queries/aws/a976d63f-af0e-46e8-b714-8c1a9c4bf768.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md b/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md index 77c595e940a..3c13788f083 100644 --- a/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md +++ b/docs/queries/cloudformation-queries/aws/ab759fde-e1e8-4b0e-ad73-ba856e490ed8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_cluster_container_insights_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md b/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md index 5e5d7a0f6b0..3b5c1a75c8f 100644 --- a/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md +++ b/docs/queries/cloudformation-queries/aws/acc78859-765e-4011-a229-a65ea57db252.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_delete_actions_from_all_principals) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md b/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md index 8d4dbd721a8..48bf3b2d1fc 100644 --- a/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md +++ b/docs/queries/cloudformation-queries/aws/ad21e616-5026-4b9d-990d-5b007bfe679c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/auto_scaling_group_with_no_associated_elb) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md b/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md index 121657b7f1c..54cd7997545 100644 --- a/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md +++ b/docs/queries/cloudformation-queries/aws/ad7444cf-817a-4765-a79e-2145f7981faf.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/shield_advanced_not_in_use) ### Description diff --git a/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md b/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md index e6dda42fdf3..11358ac023a 100644 --- a/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md +++ b/docs/queries/cloudformation-queries/aws/adcd0082-e90b-4b63-862b-21899f6e6a48.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_meta_ip) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md b/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md index 4b16598e423..bdd04c91104 100644 --- a/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md +++ b/docs/queries/cloudformation-queries/aws/ae03f542-1423-402f-9cef-c834e7ee9583.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_functions_without_unique_iam_roles) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md b/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md index f4913f2a13e..af21dc2cd3a 100644 --- a/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md +++ b/docs/queries/cloudformation-queries/aws/ae53ce91-42b5-46bf-a84f-9a13366a4f13.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/sns_topic_is_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md b/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md index f222cdd6992..ef15904a804 100644 --- a/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md +++ b/docs/queries/cloudformation-queries/aws/b1b20ae3-8fa7-4af5-a74d-a2145920fcb1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_password_without_minimum_length) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md b/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md index 02c8183d28b..aa98c11baa3 100644 --- a/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md +++ b/docs/queries/cloudformation-queries/aws/b2e8752c-3497-4255-98d2-e4ae5b46bbf5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_without_server_side_encryption) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md b/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md index a757587f459..376bd64ca05 100644 --- a/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md +++ b/docs/queries/cloudformation-queries/aws/b3de4e4c-14be-4159-b99d-9ad194365e4c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_subnet_has_public_ip_mapping_on_launch) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md b/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md index 2fb3e24d288..ba7b881dc57 100644 --- a/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md +++ b/docs/queries/cloudformation-queries/aws/b4d9c12b-bfba-4aeb-9cb8-2358546d8041.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md b/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md index 7c8daaa4f92..68eeedf3923 100644 --- a/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md +++ b/docs/queries/cloudformation-queries/aws/b5d6a2e0-8f15-4664-bd5b-68ec5c9bab83.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/s3_bucket) ### Description diff --git a/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md b/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md index ea864c19776..7202f785437 100644 --- a/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md +++ b/docs/queries/cloudformation-queries/aws/b7063015-6c31-4658-a8e7-14f98f37fd42.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ebs_volume_without_kms_key_id) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md b/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md index 03eab33f7e2..10fb9ff3eed 100644 --- a/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md +++ b/docs/queries/cloudformation-queries/aws/ba766c53-fe71-4bbb-be35-b6803f2ef13e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_without_vpc) ### Description diff --git a/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md b/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md index dbae0023243..bb7c3f34763 100644 --- a/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md +++ b/docs/queries/cloudformation-queries/aws/bdf8dcb4-75df-4370-92c4-606e4ae6c4d3.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md b/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md index 7d8b1a6510d..28719b6bdf8 100644 --- a/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md +++ b/docs/queries/cloudformation-queries/aws/be5b230d-4371-4a28-a441-85dc760e2aa3.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iot_policy_allows_wildcard_resource) ### Description diff --git a/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md b/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md index d5db923df5e..5be2fff2f63 100644 --- a/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md +++ b/docs/queries/cloudformation-queries/aws/be96849c-3df6-49c2-bc16-778a7be2519c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/secure_ciphers_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md b/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md index 9ab82dc93bd..66ab82f7615 100644 --- a/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md +++ b/docs/queries/cloudformation-queries/aws/bf4473f1-c8a2-4b1b-8134-bd32efabab93.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/neptune_database_cluster_encryption_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md b/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md index 9d9a43f6ad7..22a9fcfe359 100644 --- a/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md +++ b/docs/queries/cloudformation-queries/aws/bf89373a-be40-4c04-99f5-746742dfd7f3.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/emr_wihout_vpc) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md b/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md index 3e86a1af0b0..cd1ea53629c 100644 --- a/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md +++ b/docs/queries/cloudformation-queries/aws/c1282e03-b285-4637-aee7-eefe3a7bb658.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/efs_volume_with_disabled_transit_encryption) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md b/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md index 5abaf237c6d..66074dfaddb 100644 --- a/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md +++ b/docs/queries/cloudformation-queries/aws/c2eae442-d3ba-4cb1-84ca-1db4f80eae3d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/lambda_function_without_dead_letter_queue) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md b/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md index 489b5816c42..d66b1b68b8e 100644 --- a/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md +++ b/docs/queries/cloudformation-queries/aws/c333e906-8d8b-4275-b999-78b6318f8dc6.md @@ -1,5 +1,5 @@ --- -title: DynamoDB With Not Recommented Table Billing Mode +title: DynamoDB With Not Recommended Table Billing Mode hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** c333e906-8d8b-4275-b999-78b6318f8dc6 -- **Query name:** DynamoDB With Not Recommented Table Billing Mode +- **Query name:** DynamoDB With Not Recommended Table Billing Mode - **Platform:** CloudFormation - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 913 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_with_table_billing_mode_not_recommended) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md b/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md index eec6a8d76a0..117eaf2416f 100644 --- a/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md +++ b/docs/queries/cloudformation-queries/aws/c3ce69fd-e3df-49c6-be78-1db3f802261c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_cloudtrail_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md b/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md index 985bc244ee5..f01a76ea0f9 100644 --- a/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md +++ b/docs/queries/cloudformation-queries/aws/c44c95fc-ae92-4bb8-bdf8-bb9bc412004a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_public_instance_exposed_through_subnet) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md b/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md index 994bdc58b85..a5b9b99f5b5 100644 --- a/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md +++ b/docs/queries/cloudformation-queries/aws/c62e8b7d-1fdf-4050-ac4c-76ba9e1d9621.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_v2_alb_access_log_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md b/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md index d35f95025d5..a69e01b8fd9 100644 --- a/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md +++ b/docs/queries/cloudformation-queries/aws/c689f51b-9203-43b3-9d8b-caed123f706c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/elasticache) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md b/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md index cfbed704c8b..ec542dafd49 100644 --- a/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md +++ b/docs/queries/cloudformation-queries/aws/c757c6a3-ac87-4b9d-b28d-e5a5add6a315.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_api_xray_tracing_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md b/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md index 2aef3299dd9..99b18025559 100644 --- a/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md +++ b/docs/queries/cloudformation-queries/aws/c8ae9ba9-c2f7-4e5c-b32e-a4b7712d4d22.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/secrets_manager_should_specify_kms_key_id) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md b/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md index 56273cd8682..031bf0c4658 100644 --- a/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md +++ b/docs/queries/cloudformation-queries/aws/c8dee387-a2e6-4a73-a942-183c975549ac.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dynamodb_with_aws_owned_cmk) ### Description diff --git a/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md b/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md index a33da0aeb5a..8d6927b4b13 100644 --- a/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md +++ b/docs/queries/cloudformation-queries/aws/c9846969-d066-431f-9b34-8c4abafe422a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/remote_desktop_port_open_to_internet) ### Description diff --git a/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md b/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md index 83971107ec8..20d5e3706c7 100644 --- a/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md +++ b/docs/queries/cloudformation-queries/aws/cb2f612b-ed42-4ff5-9fb9-255c73d39a18.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_dead_letter_queue) ### Description diff --git a/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md b/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md index c4942d4bc03..eaf0d42f33d 100644 --- a/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md +++ b/docs/queries/cloudformation-queries/aws/cc8b294f-006f-4f8f-b5bb-0a9140c33131.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/wildcard_in_acm_certificate_domain_name) ### Description diff --git a/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md b/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md index 975ef181110..d78f23ad31d 100644 --- a/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md +++ b/docs/queries/cloudformation-queries/aws/cdbb0467-2957-4a77-9992-7b55b29df7b7.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_groups_with_exhibited_admin_ports) ### Description diff --git a/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md b/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md index 82048b1d265..593b412f0a1 100644 --- a/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md +++ b/docs/queries/cloudformation-queries/aws/cfdef2e5-1fe4-4ef4-bea8-c56e08963150.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_nodes_not_created_across_multi_az) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md b/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md index 5dd0ead329c..b78b576c5a6 100644 --- a/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md +++ b/docs/queries/cloudformation-queries/aws/d24389b4-b209-4ff0-8345-dc7a4569dcdd.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_healthcheck_missing) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md b/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md index a3fadea012f..1575bb61ad9 100644 --- a/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md +++ b/docs/queries/cloudformation-queries/aws/d53323be-dde6-4457-9a43-42df737e71d2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/kinesis) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md b/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md index 5bcdecf23cd..bf285ea91a4 100644 --- a/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md +++ b/docs/queries/cloudformation-queries/aws/d6653eee-2d4d-4e6a-976f-6794a497999a.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_with_invalid_compression) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md b/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md index 5b1738e1065..5fc9c29fa7f 100644 --- a/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md +++ b/docs/queries/cloudformation-queries/aws/d71b5fd7-9020-4b2d-9ec8-b3839faa2744.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/support_has_no_role_associated) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md b/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md index 8fc61bb80df..3c9b8ddfec9 100644 --- a/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md +++ b/docs/queries/cloudformation-queries/aws/d7467bb6-3ed1-4c82-8095-5e7a818d0aad.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/codebuild_not_encrypted) ### Description diff --git a/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md b/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md index 3216acdc113..8270c8be7f9 100644 --- a/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md +++ b/docs/queries/cloudformation-queries/aws/d926aa95-0a04-4abc-b20c-acf54afe38a1.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_domain_encryption_with_kms_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md b/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md index dafb963ed40..e282f202256 100644 --- a/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md +++ b/docs/queries/cloudformation-queries/aws/da905474-7454-43c0-b8d2-5756ab951aba.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_key_with_full_permissions) ### Description diff --git a/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md b/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md index 84c74b1dc6d..6604ad5efd5 100644 --- a/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md +++ b/docs/queries/cloudformation-queries/aws/dae9c373-8287-462f-8746-6f93dad93610.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_with_port_range) ### Description diff --git a/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md b/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md index 3d68e357c45..310b54f9fe7 100644 --- a/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md +++ b/docs/queries/cloudformation-queries/aws/dc17ee4b-ddf2-4e23-96e8-7a36abad1303.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_without_minimum_protocol_tls_1.2) ### Description diff --git a/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md b/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md index 6a02303e746..c7078051aa7 100644 --- a/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md +++ b/docs/queries/cloudformation-queries/aws/dc1ab429-1481-4540-9b1d-280e3f15f1f8.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_sam/serverless_function_without_x-ray_tracing) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md b/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md index c793c2cd8fe..9ed102dcd92 100644 --- a/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md +++ b/docs/queries/cloudformation-queries/aws/ddfc4eaa-af23-409f-b96c-bf5c45dc4daa.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/http_port_open) ### Description diff --git a/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md b/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md index 2186b8bd7da..2db251d1d18 100644 --- a/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md +++ b/docs/queries/cloudformation-queries/aws/de38e1d5-54cb-4111-a868-6f7722695007.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/rds_db_instance_publicly_accessible) ### Description diff --git a/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md b/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md index f87ae9d9df8..c24220ec09d 100644 --- a/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md +++ b/docs/queries/cloudformation-queries/aws/de76a0d6-66d5-45c9-9022-f05545b85c78.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/redshift_cluster_without_kms_cmk) ### Description diff --git a/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md b/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md index 96297259237..ff756f9dfaa 100644 --- a/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md +++ b/docs/queries/cloudformation-queries/aws/de77cd9f-0e8b-46cc-b4a4-b6b436838642.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cloudfront_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md b/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md index 097e99cd1c2..c47743f9938 100644 --- a/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md +++ b/docs/queries/cloudformation-queries/aws/dfb56e5d-ee68-446e-b32a-657b62befe69.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/amplify_branch_basic_auth_config_password_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md b/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md index a719b1c256c..d3735f6f54d 100644 --- a/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md +++ b/docs/queries/cloudformation-queries/aws/e200a6f3-c589-49ec-9143-7421d4a2c845.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_with_security_group_without_inbound_rules) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md b/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md index 130a5f062a2..79fcc5e566f 100644 --- a/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md +++ b/docs/queries/cloudformation-queries/aws/e415f8d3-fc2b-4f52-88ab-1129e8c8d3f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/fully_open_ingress) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md b/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md index 0c46a3532df..224986746d1 100644 --- a/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md +++ b/docs/queries/cloudformation-queries/aws/e4239438-e639-44aa-adb8-866e400e3ade.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_on_user) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md b/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md index cfcf0d942a8..eb78b6ec003 100644 --- a/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md +++ b/docs/queries/cloudformation-queries/aws/e42a3ef0-5325-4667-84bf-075ba1c9d58e.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_using_default_vpc) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md b/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md index 8f7176dfd11..e84fd3069a5 100644 --- a/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md +++ b/docs/queries/cloudformation-queries/aws/e4ee3903-9225-4b6a-bdfb-e62dbadef821.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticache_with_disabled_at_rest_encryption) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md b/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md index 946a3871856..f5275d76e1d 100644 --- a/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md +++ b/docs/queries/cloudformation-queries/aws/e4f54ff4-d352-40e8-a096-5141073c37a2.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cdn_configuration_is_missing) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md b/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md index 21a93d4f1a3..198fd3972c6 100644 --- a/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md +++ b/docs/queries/cloudformation-queries/aws/e519ed6a-8328-4b69-8eb7-8fa549ac3050.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/mq_broker_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md b/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md index 7c63deecfce..c8d5537e25d 100644 --- a/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md +++ b/docs/queries/cloudformation-queries/aws/e52395b4-250b-4c60-81d5-2e58c1d37abc.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/default_kms_key_usage) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md b/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md index 5d9851d8af4..9cecec28b99 100644 --- a/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md +++ b/docs/queries/cloudformation-queries/aws/e649a218-d099-4550-86a4-1231e1fcb60d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/low_rds_backup_retention_period) ### Description diff --git a/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md b/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md index 9f6f8674175..1d44f3c0631 100644 --- a/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md +++ b/docs/queries/cloudformation-queries/aws/e835bd0d-65da-49f7-b6d1-b646da8727e6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_grants_assumerole_permission_across_all_services) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md b/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md index 20ee7553c4b..3cc5aaf716d 100644 --- a/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md +++ b/docs/queries/cloudformation-queries/aws/ea33fcf7-394b-4d11-a228-985c5d08f205.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/default_security_groups_with_unrestricted_traffic) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md b/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md index ac7ebdd3735..7153c906c8c 100644 --- a/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md +++ b/docs/queries/cloudformation-queries/aws/ed4c48b8-eccc-4881-95c1-09fdae23db25.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_ssl_certificate) ### Description diff --git a/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md b/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md index 83f17c440c4..8ee10699e62 100644 --- a/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md +++ b/docs/queries/cloudformation-queries/aws/edbd62d4-8700-41de-b000-b3cfebb5e996.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elasticsearch_logs_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md b/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md index 7f85de49a28..75ba7388a38 100644 --- a/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md +++ b/docs/queries/cloudformation-queries/aws/edc95c10-7366-4f30-9b4b-f995c84eceb5.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policies_attached_to_user) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md b/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md index 996f4a91627..898a204ff24 100644 --- a/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md +++ b/docs/queries/cloudformation-queries/aws/ee12ad32-2863-4c0f-b13f-28272d115028.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/elb_access_log_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md b/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md index a17ccf44a28..c192a4aba7f 100644 --- a/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md +++ b/docs/queries/cloudformation-queries/aws/ee464fc2-54a6-4e22-b10a-c6dcd2474d0c.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/security_group_egress_with_all_protocols) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md b/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md index 1c7ce8815c7..d2e009b3edf 100644 --- a/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md +++ b/docs/queries/cloudformation-queries/aws/ef05a925-8568-4054-8ff1-f5ba82631c16.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws_bom/efs) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md b/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md index 80c486b809a..87aaeca1c9f 100644 --- a/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md +++ b/docs/queries/cloudformation-queries/aws/f0104061-8bfc-4b45-8a7d-630eb502f281.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/automatic_minor_upgrades_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md b/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md index edfe1561ab3..0447465e6ff 100644 --- a/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md +++ b/docs/queries/cloudformation-queries/aws/f4c9b5f5-68b8-491f-9e48-4f96644a1d51.md @@ -20,11 +20,11 @@ hide: - **Platform:** CloudFormation - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 697 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_task_definition_invalid_cpu_or_memory) ### Description -In ECS Task Definition of FARGATE launch type if you specify an invalid CPU or Memory value, you will receive an error
+In an ECS Task Definition with the FARGATE launch type, specifying an invalid CPU or Memory value will result in an error.
[Documentation](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html) ### Code samples diff --git a/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md b/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md index 7bcf5d15415..5bd1b30758b 100644 --- a/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md +++ b/docs/queries/cloudformation-queries/aws/f57f849c-883b-4cb7-85e7-f7b199dff163.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/tcp_or_udp_protocol_network_acl_entry_allows_all_ports) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md b/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md index 6fd9ec0f3d3..61a0488c530 100644 --- a/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md +++ b/docs/queries/cloudformation-queries/aws/f6049677-ec4a-43af-8779-5190b6d03cba.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/kms_allows_wildcard_principal) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md b/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md index 11b1a20b82c..09e1e71b953 100644 --- a/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md +++ b/docs/queries/cloudformation-queries/aws/f62aa827-4ade-4dc4-89e4-1433d384a368.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_policy_grants_full_permissions) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md b/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md index 08ca8a163a3..ef64b07009a 100644 --- a/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md +++ b/docs/queries/cloudformation-queries/aws/f6397a20-4cf1-4540-a997-1d363c25ef58.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_put_actions_from_all_principals) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md b/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md index 166209095db..dd7af7a04ce 100644 --- a/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md +++ b/docs/queries/cloudformation-queries/aws/f6d299d2-21eb-41cc-b1e1-fe12d857500b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/vpc_flowlogs_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md b/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md index 3e090e9d6e6..6d38a118492 100644 --- a/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md +++ b/docs/queries/cloudformation-queries/aws/f80e3aa7-7b34-4185-954e-440a6894dde6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/iam_role_allows_all_principals_to_assume) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md b/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md index e8b64f8c95c..4300fec8e0f 100644 --- a/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md +++ b/docs/queries/cloudformation-queries/aws/f914357d-8386-4d56-9ba6-456e5723f9a6.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ec2_instance_has_no_iam_role) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md b/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md index 8260c7e3d58..68ef3ecafa3 100644 --- a/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md +++ b/docs/queries/cloudformation-queries/aws/f97b7d23-568f-4bcc-9ac9-02df0d57fbba.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_get_actions_from_all_principals) ### Description diff --git a/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md b/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md index 03e7e084110..eda11b6f70f 100644 --- a/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md +++ b/docs/queries/cloudformation-queries/aws/f988a17f-1139-46a3-8928-f27eafd8b024.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 256 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/dms_endpoint_mongo_db_settings_password_exposed) ### Description diff --git a/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md b/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md index 5e0ec1bcb12..93ca595125e 100644 --- a/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md +++ b/docs/queries/cloudformation-queries/aws/faa8fddf-c0aa-4b2d-84ff-e993e233ebe9.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/s3_bucket_allows_list_actions_from_all_principals) ### Description diff --git a/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md b/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md index 6441c8b78d0..0c46a1619d9 100644 --- a/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md +++ b/docs/queries/cloudformation-queries/aws/fb2b0ecf-1492-491a-a70d-ba1df579175d.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/ecs_no_load_balancer_attached) ### Description diff --git a/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md b/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md index 3af84a71a30..7914905cd2c 100644 --- a/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md +++ b/docs/queries/cloudformation-queries/aws/fc7c2c15-f5d0-4b80-adb2-c89019f8f62b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/msk_cluster_logging_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md b/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md index f42783af97c..d6689f32870 100644 --- a/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md +++ b/docs/queries/cloudformation-queries/aws/fcbf9019-566c-4832-a65c-af00d8137d2b.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/api_gateway_without_waf) ### Description diff --git a/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md b/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md index d472ec3c769..ddfc1f12ec4 100644 --- a/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md +++ b/docs/queries/cloudformation-queries/aws/fe974ae9-858e-4991-bbd5-e040a834679f.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 404 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/stack_retention_disabled) ### Description diff --git a/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md b/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md index 7b19e5f8c58..14a43154a05 100644 --- a/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md +++ b/docs/queries/cloudformation-queries/aws/ffee2785-c347-451e-89f3-11aeb08e5c84.md @@ -20,7 +20,7 @@ hide: - **Platform:** CloudFormation - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 312 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/cloudFormation/aws/cmk_unencrypted_storage) ### Description diff --git a/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md b/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md index a8c13f45631..0de5552e6d8 100644 --- a/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md +++ b/docs/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71.md @@ -1118,7 +1118,7 @@ Parameters: SecretNamePrefix: Description: 'Used to create resource-based authorization policy for "secretsmanager:GetSecretValue" action. E.g. All Athena JDBC Federation secret names can be prefixed with "AthenaJdbcFederation" and authorization policy will allow "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:AthenaJdbcFederatione*". Parameter value in this case should be "AthenaJdbcFederation". If you do not have a prefix, you can manually update the IAM policy to add allow any secret names.' Type: String - +Resources: ```
Positive test num. 40 - tf file @@ -1217,22 +1217,27 @@ resource "google_container_cluster" "primary1" {
Positive test num. 44 - yml file -```yml hl_lines="5" +```yml hl_lines="7" +on: workflow_call + stages: - build variables: GIT_PRIVATE_KEY: "heythisisaprivatekey!" -job_build: - stage: build - script: - - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then - echo "Missing GIT_PRIVATE_KEY variable!" - exit 1 - fi - - echo "Private key is set." +jobs: + job_build: + stage: build + script: + - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then + echo "Missing GIT_PRIVATE_KEY variable!" + exit 1 + fi + - echo "Private key is set." + steps: + - uses: actions/checkout@v4 ```
Positive test num. 45 - tf file @@ -1557,13 +1562,15 @@ resource "google_container_cluster" "primary2" {
Positive test num. 49 - json file -```json hl_lines="3 6" +```json hl_lines="4 7" { - "service-1": { - "password": "abcdefg" - }, - "service-2": { - "password": "abcdefg" + "Resources": { + "service-1": { + "password": "abcdefg" + }, + "service-2": { + "password": "abcdefg" + } } } @@ -1668,28 +1675,7 @@ provider "slack" { ```
-
Negative test num. 5 - yaml file - -```yaml -#cloud formation test -Resources: - RDSCluster: - Type: "AWS::RDS::DBCluster" - Properties: - MasterUserPassword: !Ref PasswordMaster - DBClusterIdentifier: my-serverless-cluster - Engine: aurora - EngineVersion: 5.6.10a - EngineMode: serverless - ScalingConfiguration: - AutoPause: true - MinCapacity: 4 - MaxCapacity: 32 - SecondsUntilAutoPause: 1000 - -``` -
-
Negative test num. 6 - tf file +
Negative test num. 5 - tf file ```tf provider "stripe" { @@ -1698,7 +1684,7 @@ provider "stripe" { ```
-
Negative test num. 7 - tf file +
Negative test num. 6 - tf file ```tf resource "aws_ecs_task_definition" "webapp" { @@ -1789,7 +1775,7 @@ EOF ```
-
Negative test num. 8 - tf file +
Negative test num. 7 - tf file ```tf provider "heroku" { @@ -1799,7 +1785,7 @@ provider "heroku" { ```
-
Negative test num. 9 - tf file +
Negative test num. 8 - tf file ```tf provider "github" { @@ -1808,7 +1794,7 @@ provider "github" { ```
-
Negative test num. 10 - tf file +
Negative test num. 9 - tf file ```tf provider "cloudflare" { @@ -1819,7 +1805,7 @@ provider "cloudflare" { ```
-
Negative test num. 11 - yaml file +
Negative test num. 10 - yaml file ```yaml Parameters: @@ -1837,7 +1823,7 @@ Resources: ```
-
Negative test num. 12 - yaml file +
Negative test num. 11 - yaml file ```yaml Parameters: @@ -1867,6 +1853,27 @@ Resources: TokenKey: !Ref PinpointAPNSVoipChannelTokenKey ApplicationId: !Ref PinpointApp +``` +
+
Negative test num. 12 - yaml file + +```yaml +#cloud formation test +Resources: + RDSCluster: + Type: "AWS::RDS::DBCluster" + Properties: + MasterUserPassword: !Ref PasswordMaster + DBClusterIdentifier: my-serverless-cluster + Engine: aurora + EngineVersion: 5.6.10a + EngineMode: serverless + ScalingConfiguration: + AutoPause: true + MinCapacity: 4 + MaxCapacity: 32 + SecondsUntilAutoPause: 1000 + ```
Negative test num. 13 - yaml file @@ -1892,26 +1899,7 @@ provider "mailgun" { ```
-
Negative test num. 15 - yaml file - -```yaml -#ansible test -- name: create a cluster - google.cloud.gcp_container_cluster: - name: my-cluster - initial_node_count: 2 - node_config: - machine_type: n1-standard-4 - disk_size_gb: 500 - location: us-central1-a - project: test_project - auth_kind: serviceaccount - service_account_file: "/tmp/auth.pem" - state: present - -``` -
-
Negative test num. 16 - tf file +
Negative test num. 15 - tf file ```tf provider "stripe" { @@ -1920,7 +1908,7 @@ provider "stripe" { ```
-
Negative test num. 17 - yaml file +
Negative test num. 16 - yaml file ```yaml - hosts: all @@ -1930,7 +1918,7 @@ provider "stripe" { ```
-
Negative test num. 18 - yaml file +
Negative test num. 17 - yaml file ```yaml - hosts: all @@ -1941,7 +1929,7 @@ provider "stripe" { ```
-
Negative test num. 19 - yaml file +
Negative test num. 18 - yaml file ```yaml apiVersion: v1 @@ -1957,7 +1945,7 @@ spec: ```
-
Negative test num. 20 - yaml file +
Negative test num. 19 - yaml file ```yaml apiVersion: v1 @@ -1982,7 +1970,7 @@ users: ```
-
Negative test num. 21 - tf file +
Negative test num. 20 - tf file ```tf resource "aws_lambda_function" "analysis_lambda4" { @@ -1999,7 +1987,7 @@ resource "aws_lambda_function" "analysis_lambda4" { ```
-
Negative test num. 22 - tf file +
Negative test num. 21 - tf file ```tf provider rancher2 { @@ -2009,7 +1997,7 @@ provider rancher2 { ```
-
Negative test num. 23 - yaml file +
Negative test num. 22 - yaml file ```yaml name: Example Workflow @@ -2066,36 +2054,26 @@ jobs: ```
-
Negative test num. 24 - tf file - -```tf -#this code is a correct code for which the query should not find any result -resource "google_container_cluster" "primary" { - name = "marcellus-wallace" - location = "us-central1-a" - initial_node_count = 3 - - master_auth { - client_certificate_config { - issue_client_certificate = true - } - } - - timeouts { - create = "30m" - update = "40m" - } -} - -resource "google_secret_manager_secret_version" "secret-version-basic" { - secret = var.my_google_secret +
Negative test num. 23 - yaml file - secret_data = "secret-data" -} +```yaml +#ansible test +- name: create a cluster + google.cloud.gcp_container_cluster: + name: my-cluster + initial_node_count: 2 + node_config: + machine_type: n1-standard-4 + disk_size_gb: 500 + location: us-central1-a + project: test_project + auth_kind: serviceaccount + service_account_file: "/tmp/auth.pem" + state: present ```
-
Negative test num. 25 - yaml file +
Negative test num. 24 - yaml file ```yaml apiVersion: v1 @@ -2122,7 +2100,7 @@ spec: allowPrivilegeEscalation: false ```
-
Negative test num. 26 - yaml file +
Negative test num. 25 - yaml file ```yaml - name: 'aws_codebuild integration tests' @@ -2164,17 +2142,17 @@ spec: ```
-
Negative test num. 27 - yaml file +
Negative test num. 26 - yaml file ```yaml Conditions: HasKmsKey: !Not [!Equals [!Ref ParentKmsKeyStack, '']] HasSecretName: !Not [!Equals [!Ref ParentKmsKeyStack, '']] HasPassword: !Not [!Equals [!Ref DBPassword, '']] - +Resources: ```
-
Negative test num. 28 - yaml file +
Negative test num. 27 - yaml file ```yaml Resources: @@ -2228,7 +2206,7 @@ Resources: ```
-
Negative test num. 29 - tf file +
Negative test num. 28 - tf file ```tf locals { @@ -2239,7 +2217,7 @@ locals { ```
-
Negative test num. 30 - dockerfile file +
Negative test num. 29 - dockerfile file ```dockerfile FROM baseImage @@ -2253,7 +2231,7 @@ RUN apk add --no-cache git \ ```
-
Negative test num. 31 - tf file +
Negative test num. 30 - tf file ```tf resource "aws_instance" "instance" { @@ -2268,7 +2246,7 @@ resource "aws_instance" "instance" { ```
-
Negative test num. 32 - yaml file +
Negative test num. 31 - yaml file ```yaml Resources: @@ -2284,11 +2262,12 @@ Resources: ```
-
Negative test num. 33 - yaml file +
Negative test num. 32 - yaml file ```yaml Type: AWS::Glue::Connection -Properties: +Resources: + Properties: CatalogId: "1111111111111" ConnectionInput: ConnectionProperties: @@ -2315,7 +2294,7 @@ Properties: ```
-
Negative test num. 34 - yaml file +
Negative test num. 33 - yaml file ```yaml AWSTemplateFormatVersion: "2010-09-09" @@ -2348,20 +2327,41 @@ Resources: ```
-
Negative test num. 35 - dockerfile file +
Negative test num. 34 - tf file -```dockerfile -FROM baseImage +```tf +#this code is a correct code for which the query should not find any result +resource "google_container_cluster" "primary" { + name = "marcellus-wallace" + location = "us-central1-a" + initial_node_count = 3 -RUN command + master_auth { + client_certificate_config { + issue_client_certificate = true + } + } + + timeouts { + create = "30m" + update = "40m" + } +} + +resource "google_secret_manager_secret_version" "secret-version-basic" { + secret = var.my_google_secret + + secret_data = "secret-data" +} ```
-
Negative test num. 36 - yaml file +
Negative test num. 35 - yaml file ```yaml Type: AWS::Glue::Connection -Properties: +Resources: + Properties: CatalogId: "1111111111111" ConnectionInput: ConnectionProperties: @@ -2388,7 +2388,7 @@ Properties: ```
-
Negative test num. 37 - yaml file +
Negative test num. 36 - yaml file ```yaml --- @@ -2554,7 +2554,7 @@ Resources: ```
-
Negative test num. 38 - tf file +
Negative test num. 37 - tf file ```tf data "terraform_remote_state" "intnet" { @@ -2570,7 +2570,7 @@ data "terraform_remote_state" "intnet" { ```
-
Negative test num. 39 - tf file +
Negative test num. 38 - tf file ```tf #this is a problematic code where the query should report a result(s) @@ -2596,27 +2596,32 @@ resource "google_container_cluster" "primary1" { ```
-
Negative test num. 40 - yml file +
Negative test num. 39 - yml file ```yml +on: workflow_call + stages: - build variables: GIT_PRIVATE_KEY: $GIT_PRIVATE_KEY -job_build: - stage: build - script: - - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then - echo "Missing GIT_PRIVATE_KEY variable!" - exit 1 - fi - - echo "Private key is set." +jobs: + job_build: + stage: build + script: + - if [[ -z "${GIT_PRIVATE_KEY:-}" ]]; then + echo "Missing GIT_PRIVATE_KEY variable!" + exit 1 + fi + - echo "Private key is set." + steps: + - uses: actions/checkout@v4 ```
-
Negative test num. 41 - yml file +
Negative test num. 40 - yml file ```yml - name: "Configure the MySQL user " @@ -2630,7 +2635,7 @@ job_build: ```
-
Negative test num. 42 - yaml file +
Negative test num. 41 - yaml file ```yaml name: Deploy @@ -2707,6 +2712,15 @@ jobs: echo "AUTH0_CLIENT_SECRET=${auth0_client_secret}" >> $GITHUB_ENV echo "RESTAPI_MGT_APPID=${restapi_mgt_appid}" >> $GITHUB_ENV echo "RESTAPI_MGT_APPSEC=${restapi_mgt_appsec}" >> $GITHUB_ENV +``` +
+
Negative test num. 42 - dockerfile file + +```dockerfile +FROM baseImage + +RUN command + ```
Negative test num. 43 - json file diff --git a/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md b/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md index 6c4e3e2abad..607af5e5be9 100644 --- a/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md +++ b/docs/queries/crossplane-queries/aws/0c7a76d9-7dc5-499e-81ac-9245839177cb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/ecs_cluster_with_container_insights_disabled) ### Description diff --git a/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md b/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md index 6ce160fdec3..4d0e6250b6f 100644 --- a/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md +++ b/docs/queries/crossplane-queries/aws/255b0fcc-9f82-41fe-9229-01b163e3376b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_without_minimum_protocol_tls_1.2) ### Description diff --git a/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md b/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md index df16b0b5145..4c3366f1cdc 100644 --- a/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md +++ b/docs/queries/crossplane-queries/aws/6d19ce0f-b3d8-4128-ac3d-1064e0f00494.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_without_waf) ### Description diff --git a/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md b/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md index 6f6117ea677..658f5193f0e 100644 --- a/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md +++ b/docs/queries/crossplane-queries/aws/72840c35-3876-48be-900d-f21b2f0c2ea1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/efs_not_encrypted) ### Description diff --git a/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md b/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md index cac69b21909..4c7d86259ff 100644 --- a/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md +++ b/docs/queries/crossplane-queries/aws/7b590235-1ff4-421b-b9ff-5227134be9bb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudfront_logging_disabled) ### Description diff --git a/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md b/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md index d54793c3e4e..8a1a775e428 100644 --- a/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md +++ b/docs/queries/crossplane-queries/aws/83bf5aca-138a-498e-b9cd-ad5bc5e117b4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/neptune_database_cluster_encryption_disabled) ### Description diff --git a/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md b/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md index 5d8d31071aa..203dde9634b 100644 --- a/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md +++ b/docs/queries/crossplane-queries/aws/9296f1cc-7a40-45de-bd41-f31745488a0e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/sqs_with_sse_disabled) ### Description diff --git a/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md b/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md index d49be7c9525..f87ebdd0716 100644 --- a/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md +++ b/docs/queries/crossplane-queries/aws/934613fe-b12c-4e5a-95f5-c1dcdffac1ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Info - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/cloudwatch_without_retention_period_specified) ### Description diff --git a/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md b/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md index 4003a36bfb6..881031f76c2 100644 --- a/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md +++ b/docs/queries/crossplane-queries/aws/a507daa5-0795-4380-960b-dd7bb7c56661.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/elb_using_weak_ciphers) ### Description diff --git a/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md b/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md index 6d935b7538c..9a097ebde24 100644 --- a/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md +++ b/docs/queries/crossplane-queries/aws/bdecd6db-2600-47dd-a10c-72c97cf17ae9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/efs_without_kms) ### Description diff --git a/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md b/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md index a07d4201819..8f5be5e9c55 100644 --- a/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md +++ b/docs/queries/crossplane-queries/aws/d9dc6429-5140-498a-8f55-a10daac5f000.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/rds_db_instance_publicly_accessible) ### Description diff --git a/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md b/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md index 3dc078cd339..069cf9e5609 100644 --- a/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md +++ b/docs/queries/crossplane-queries/aws/dd667399-8d9d-4a8d-bbb4-e49ab53b2f52.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/db_security_group_has_public_interface) ### Description diff --git a/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md b/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md index fc0fdd88ccf..0c2f974e710 100644 --- a/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md +++ b/docs/queries/crossplane-queries/aws/e50eb68a-a4af-4048-8bbe-8ec324421469.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/db_instance_storage_not_encrypted) ### Description diff --git a/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md b/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md index 297618400bf..8beb42b408e 100644 --- a/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md +++ b/docs/queries/crossplane-queries/aws/e6cd49ba-77ed-417f-9bca-4f5303554308.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/aws/docdb_logging_disabled) ### Description diff --git a/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md b/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md index 287ff5b53ae..1dd548dc796 100644 --- a/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md +++ b/docs/queries/crossplane-queries/azure/6c7cfec3-c686-4ed2-bf58-a1ec054b63fc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/azure/redis_cache_allows_non_ssl_connections) ### Description diff --git a/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md b/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md index ed747a4d388..78e1be80d3c 100644 --- a/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md +++ b/docs/queries/crossplane-queries/azure/b2418936-cd47-4ea2-8346-623c0bdb87bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/azure/aks_rbac_disabled) ### Description diff --git a/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md b/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md index 95d7f41beb0..f6087b76c0d 100644 --- a/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md +++ b/docs/queries/crossplane-queries/gcp/6c2d627c-de0f-45fb-b33d-dad9bffbb421.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/gcp/cloud_storage_bucket_logging_not_enabled) ### Description diff --git a/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md b/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md index eaa22db5dfc..ad02c01a26c 100644 --- a/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md +++ b/docs/queries/crossplane-queries/gcp/b4f65d13-a609-4dc1-af7c-63d2e08bffe9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Crossplane - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/crossplane/gcp/google_container_node_pool_auto_repair_disabled) ### Description diff --git a/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md b/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md index d9c9f1448d1..ad1fc654eb5 100644 --- a/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md +++ b/docs/queries/dockercompose-queries/071a71ff-f868-47a4-ac0b-3c59e4ab5443.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_network_namespace) ### Description diff --git a/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md b/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md index 568d2654fb6..1207c507e19 100644 --- a/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md +++ b/docs/queries/dockercompose-queries/1c1325ff-831d-43a1-973e-839ae57dfcc0.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** High - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/volume_has_sensitive_host_directory) ### Description @@ -68,9 +68,11 @@ volumes: o: bind ``` -```yaml title="Positive test num. 3 - yaml file" hl_lines="12" +```yaml title="Positive test num. 3 - yaml file" hl_lines="14" version: '3' +services: + image: docker volumes: wordpress-db-data: driver: local-persist @@ -81,7 +83,6 @@ volumes: driver: local-persist driver_opts: mountpoint: /var/data - ```
Positive test num. 4 - yaml file @@ -168,6 +169,8 @@ services: ```yaml title="Negative test num. 2 - yaml file" version: '3' +services: + image: docker volumes: wordpress-db-data: driver: local-persist diff --git a/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md b/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md index c20966145f6..f685f74a6c1 100644 --- a/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md +++ b/docs/queries/dockercompose-queries/221e0658-cb2a-44e3-b08a-db96a341d6fa.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 770 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/pids_limit_not_set) ### Description diff --git a/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md b/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md index d00e4b7c021..fe2e3cb1fd9 100644 --- a/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md +++ b/docs/queries/dockercompose-queries/27fcc7d6-c49b-46e0-98f1-6c082a6a2750.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** High - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/no_new_privileges_not_set) ### Description diff --git a/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md b/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md index 0387bb950f9..1f2cbce9c54 100644 --- a/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md +++ b/docs/queries/dockercompose-queries/2fc99041-ddad-49d5-853f-e35e70a48391.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/restart_policy_on_failure_not_set_to_5) ### Description diff --git a/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md b/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md index 3e082a6b674..51fcb3ec1e4 100644 --- a/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md +++ b/docs/queries/dockercompose-queries/404fde2c-bc4b-4371-9747-7054132ac953.md @@ -20,11 +20,11 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/default_seccomp_profile_disabled) ### Description -Seccomp offers a whitelist of common system calls, blocking all others. Having less kernel exposed to an app then increases security.
+Seccomp offers a whitelist of common system calls, blocking all others. This reduces the kernel's exposure to the application, thereby increasing security.
[Documentation](https://docs.docker.com/compose/compose-file/compose-file-v3/#security_opt) ### Code samples diff --git a/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md b/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md index abb5239ae03..fe71ed3592c 100644 --- a/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md +++ b/docs/queries/dockercompose-queries/451d79dc-0588-476a-ad03-3c7f0320abb3.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/container_traffic_not_bound_to_host_interface) ### Description diff --git a/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md b/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md index 4df9922d65a..31b5197d952 100644 --- a/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md +++ b/docs/queries/dockercompose-queries/4d9f44c6-2f4a-4317-9bb5-267adbea0232.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/cgroup_not_default) ### Description diff --git a/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md b/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md index a5b302b9603..97a462c8bb3 100644 --- a/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md +++ b/docs/queries/dockercompose-queries/4f31dd9f-2cc3-4751-9b53-67e4af83dac0.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/host_namespace_is_shared) ### Description diff --git a/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md b/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md index 908ebcf215b..444daa06875 100644 --- a/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md +++ b/docs/queries/dockercompose-queries/610e266e-6c12-4bca-9925-1ed0cd29742b.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/security_opt_not_set) ### Description diff --git a/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md b/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md index 7a0dbf87157..3736ee26f26 100644 --- a/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md +++ b/docs/queries/dockercompose-queries/698ed579-b239-4f8f-a388-baa4bcb13ef8.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/healthcheck_not_set) ### Description diff --git a/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md b/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md index 2ed84a4501c..e0d411daa72 100644 --- a/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md +++ b/docs/queries/dockercompose-queries/6b610c50-99fb-4ef0-a5f3-e312fd945bc3.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/cpus_not_limited) ### Description diff --git a/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md b/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md index e1ec8d6588b..cfcfd9bcf85 100644 --- a/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md +++ b/docs/queries/dockercompose-queries/8af7162d-6c98-482f-868e-0d33fb675ca8.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_user_namespace) ### Description diff --git a/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md b/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md index 8b4eb642056..d612d4ec24c 100644 --- a/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md +++ b/docs/queries/dockercompose-queries/8c978947-0ff6-485c-b0c2-0bfca6026466.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Info - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_volumes_between_containers) ### Description diff --git a/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md b/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md index 79429edf22d..8f55b666598 100644 --- a/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md +++ b/docs/queries/dockercompose-queries/ae5b6871-7f45-42e0-bb4c-ab300c4d2026.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** High - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/privileged_containers_enabled) ### Description diff --git a/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md b/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md index 2228ecebb4a..afe2910ae41 100644 --- a/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md +++ b/docs/queries/dockercompose-queries/baa3890f-bed7-46f5-ab8f-1da8fc91c729.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/shared_host_ipc_namespace) ### Description diff --git a/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md b/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md index de18d6bf409..ffd6236544f 100644 --- a/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md +++ b/docs/queries/dockercompose-queries/baa452f0-1f21-4a25-ace5-844e7a5f410d.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** High - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/volume_mounted_in_multiple_containers) ### Description diff --git a/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md b/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md index 1e3ce394dae..350bac3047b 100644 --- a/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md +++ b/docs/queries/dockercompose-queries/bb9ac4f7-e13b-423d-a010-c74a1bfbe492.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 770 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/memory_not_limited) ### Description diff --git a/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md b/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md index 40f76eadc8c..550ffbbf7eb 100644 --- a/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md +++ b/docs/queries/dockercompose-queries/bc2908f3-f73c-40a9-8793-c1b7d5544f79.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/privileged_ports_mapped_in_container) ### Description diff --git a/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md b/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md index 8ce318cb485..7af3ca7d2d1 100644 --- a/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md +++ b/docs/queries/dockercompose-queries/ce76b7d0-9e77-464d-b86f-c5c48e03e22d.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/container_capabilities_unrestricted) ### Description diff --git a/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md b/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md index ff15e2b7204..9bd510f6013 100644 --- a/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md +++ b/docs/queries/dockercompose-queries/d6355c88-1e8d-49e9-b2f2-f8a1ca12c75b.md @@ -20,7 +20,7 @@ hide: - **Platform:** DockerCompose - **Severity:** High - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/dockerCompose/docker_socket_mounted_in_container) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md b/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md index 119f608df88..01e7e4845d3 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/1239f54b-33de-482a-8132-faebe288e6a6.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1357 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/google_storage_bucket_level_access_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md b/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md index 174f9a45f77..806ff6b9b37 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/227c2f58-70c6-4432-8e9a-a89c1a548cf5.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 280 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/bucket_without_versioning) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md b/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md index 0c12e18fb4b..cee55d9e0f2 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/268c65a8-58ad-43e4-9019-1a9bbc56749f.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/pd) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md b/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md index 6eb9ed41bb6..c310342ddc8 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/28727987-e398-49b8-aef1-8a3e7789d111.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ip_aliasing_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md b/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md index 02e78a2165f..ddef94d3487 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/313d6deb-3b67-4948-b41d-35b699c2492e.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 353 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_dns_without_dnnsec) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md b/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md index 7ec4ca2f011..7929988f891 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/48c61fbd-09c9-46cc-a521-012e0c325412.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/private_cluster_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md b/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md index 4cad894a98b..5d740000a94 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/50cb6c3b-c878-4b88-b50e-d1421bada9e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/rdp_access_is_not_restricted) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md b/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md index 6266cb352d2..eb1b176fea0 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/62c8cf50-87f0-4295-a974-8184ed78fe02.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/gke_master_authorized_networks_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md b/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md index c5c8cbf32e2..8490880a30a 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/63ae3638-a38c-4ff4-b616-6e1f72a31a6a.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_anonymous_or_publicly_accessible) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md b/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md index 34bd1916b9f..653e564d205 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/660360d3-9ca7-46d1-b147-3acc4002953f.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/sql_db_instance_with_ssl_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md b/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md index 3c27bac9381..34dbbe4b822 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/6d7b121a-a2ed-4e37-bd2f-80d9df1dfd35.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/dnssec_using_rsasha1) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md b/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md index d7fbc2ee586..716af6c8fa8 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/6e2b1ec1-1eca-4eb7-9d4d-2882680b4811.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md b/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md index ca39719983a..afb86a5628a 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/77c1fa3f-83dc-4c9d-bfed-e1d0cc8fd9dc.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_bucket_is_publicly_accessible) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md b/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md index f0cfbf7cf26..4128ca69431 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/7c98538a-81c6-444b-bf04-e60bc3ceeec0.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ip_forwarding_enabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md b/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md index c58d1b3ae84..250b4347f34 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/7ef7d141-9fbb-4679-a977-fd0883436906.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cluster_master_authentication_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md b/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md index 76a6f016f08..ae3ee1950f1 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/8212e2d7-e683-49bc-bf78-d6799075c5a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/compute_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md b/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md index 0820da639c3..0effe9a1a69 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/83103dff-d57f-42a8-bd81-40abab64c1a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/bigquery_database_is_public) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md b/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md index e66d2a44e25..d702c157928 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/8810968b-4b15-421d-918b-d91eb4bb8d1d.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cluster_labels_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md b/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md index 870f9c53a00..63c5efc976a 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/9038b526-4c19-4928-bca2-c03d503bdb79.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/shielded_vm_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md b/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md index ca3f2f6a723..f04c1f5be0a 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/95601b9a-7fe8-4aee-9b58-d36fd9382dfc.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/stackdriver_logging_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md b/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md index efb4b0f04a8..9c4066c8694 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/9ed08714-b2f3-4c6d-8fb0-ac0b74ad71d8.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/pst) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md b/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md index b065072ce71..79e6f028fba 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/a21b8df3-c840-4b3d-a41a-10fb2afda171.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/not_proper_email_account_in_use) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md b/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md index 2163e2ab2df..ca685f3ea9f 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 497 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/sql_db_instance_backup_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md b/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md index 1178ceb22c6..7aec29ee464 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/ad0875c1-0b39-4890-9149-173158ba3bba.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 1357 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cloud_storage_bucket_versioning_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md b/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md index 1f206371dbb..b312949688d 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/bbfc97ab-e92a-4a7b-954c-e88cec815011.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/stackdriver_monitoring_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md b/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md index 079f63847c0..f3062d98437 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/c47f90e8-4a19-43f0-8413-cc434d286c4e.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/network_policy_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md b/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md index 428458f2cf1..d25377b37f5 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/c759d6f2-4dd3-4160-82d3-89202ef10d87.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 119 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/mysql_instance_with_local_infile_on) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md b/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md index edd4a04f6b2..bbe2af04ee7 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/c7781feb-a955-4f9f-b9cf-0d7c6f54bb59.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp_bom/sb) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md b/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md index 61ad6c01226..ee5798d50b7 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/dbe058d7-b82e-430b-8426-992b2e4677e7.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/cos_node_image_not_used) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md b/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md index 65d88bbf917..22783adfc17 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/dc5c5fee-6c53-43b0-ab11-4c660e064aaf.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/node_auto_upgrade_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md b/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md index b9cb1df8d96..090921a9003 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/dd690686-2bf9-4012-a821-f61912dd77be.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/client_certificate_disabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md b/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md index 8155924c2ca..53825d41fd4 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/dee21308-2a7a-49de-8ff7-c9b87e188575.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/ssh_access_is_not_restricted) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md b/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md index c07a8d56e70..933e18464e0 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/df58d46c-783b-43e0-bdd0-d99164f712ee.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/gke_legacy_authorization_enabled) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md b/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md index 1a4e1748ee5..b6c29cf3a90 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/e66e1b71-c810-4b4e-a737-0ab59e7f5e41.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/os_login_is_disabled_for_vm_instance) ### Description diff --git a/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md b/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md index 8d3823092b0..da79c4a4779 100644 --- a/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md +++ b/docs/queries/googledeploymentmanager-queries/gcp/fc040fb6-4c23-4c0d-b12a-39edac35debb.md @@ -20,7 +20,7 @@ hide: - **Platform:** GoogleDeploymentManager - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/googleDeploymentManager/gcp/disk_encryption_disabled) ### Description diff --git a/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md b/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md index 5c94f17fa14..196e2981204 100644 --- a/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md +++ b/docs/queries/grpc-queries/daaace5f-c0dc-4835-b526-7a116b7f4b4e.md @@ -20,7 +20,7 @@ hide: - **Platform:** GRPC - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 1099 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/grpc/enum_name_not_camel_case) ### Description diff --git a/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md b/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md index 8e6fe9fa29d..df66773584c 100644 --- a/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md +++ b/docs/queries/knative-queries/e8bb41e4-2f24-4e84-8bea-8c7c070cf93d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Knative - **Severity:** Info - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/knative/serving_revision_spec_without_timeout_settings) ### Description diff --git a/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md b/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md index db90bffe4e8..10760fec293 100644 --- a/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md +++ b/docs/queries/kubernetes-queries/02323c00-cdc3-4fdc-a310-4f2b3e7a1660.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_run_with_low_uid) ### Description diff --git a/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md b/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md index 2da3f97939d..acd3fbc8d9b 100644 --- a/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md +++ b/docs/queries/kubernetes-queries/03aabc8c-35d6-481e-9c85-20139cf72d23.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 923 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cni_plugin_does_not_support_network_policies) ### Description diff --git a/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md b/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md index 84474fc88a2..23e84648abe 100644 --- a/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md +++ b/docs/queries/kubernetes-queries/0401f71b-9c1e-4821-ab15-a955caa621be.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_misconfigured_network_policy) ### Description diff --git a/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md b/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md index bb92de7adc4..91867c8e150 100644 --- a/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md +++ b/docs/queries/kubernetes-queries/056ac60e-fe07-4acc-9b34-8e1d51716ab9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_allows_access_secrets) ### Description diff --git a/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md b/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md index c4ad5b91b78..a106c4f8cd0 100644 --- a/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md +++ b/docs/queries/kubernetes-queries/05fb986f-ac73-4ebb-a5b2-7faafa93d882.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_ca_file_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md b/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md index 5ccfea15943..9ccf4401beb 100644 --- a/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md +++ b/docs/queries/kubernetes-queries/075ca296-6768-4322-aea2-ba5063b969a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_tls_certificate_files_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md b/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md index 257888f6794..a414ad9f4e0 100644 --- a/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md +++ b/docs/queries/kubernetes-queries/09bb9e96-8da3-4736-b89a-b36814acca60.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_peer_tls_certificate_files_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md b/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md index 4102ead774e..84de81f7a5b 100644 --- a/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md +++ b/docs/queries/kubernetes-queries/10efce34-5af6-4d83-b414-9e096d5a06a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/encryption_provider_not_properly_configured) ### Description diff --git a/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md b/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md index e6a155979e3..01446fae233 100644 --- a/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md +++ b/docs/queries/kubernetes-queries/1123031a-f921-4c5b-bd86-ef354ecfd37a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/metadata_label_is_invalid) ### Description diff --git a/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md b/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md index ae066477b87..40422d0c29f 100644 --- a/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md +++ b/docs/queries/kubernetes-queries/13a49a2e-488e-4309-a7c0-d6b05577a5fb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_policy_file_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md b/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md index e0cd84c19b9..6e5116b11b9 100644 --- a/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md +++ b/docs/queries/kubernetes-queries/14abda69-8e91-4acb-9931-76e2bee90284.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_policy_webhook_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md b/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md index eab327c7508..cea6736e33b 100644 --- a/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md +++ b/docs/queries/kubernetes-queries/1828a670-5957-4bc5-9974-47da228f75e2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_policy_not_cover_key_security_concerns) ### Description diff --git a/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md b/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md index 05d3e1724f5..76d61aa39f7 100644 --- a/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md +++ b/docs/queries/kubernetes-queries/192fe40b-b1c3-448a-aba2-6cc19a300fe3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cronjob_deadline_not_configured) ### Description diff --git a/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md b/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md index dccf1b1862a..25b5f3644af 100644 --- a/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md +++ b/docs/queries/kubernetes-queries/19ebaa28-fc86-4a58-bcfa-015c9e22fe40.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_with_added_capabilities) ### Description diff --git a/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md b/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md index 7c57cefc4d4..2ef2fb42c1c 100644 --- a/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md +++ b/docs/queries/kubernetes-queries/1a07a446-8e61-4e4d-bc16-b0781fcb8211.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_event_qps_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md b/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md index b03a49e835e..54591acde16 100644 --- a/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md +++ b/docs/queries/kubernetes-queries/1aa4a1ae-5dbb-48a1-9aa2-630ea4be208e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_rbac_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md b/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md index eed68d7306d..3f0f7461135 100644 --- a/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md +++ b/docs/queries/kubernetes-queries/1acd93f1-5a37-45c0-aaac-82ece818be7d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/use_service_account_credentials_not_set_to_true) ### Description diff --git a/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md b/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md index 85dd7a0fa93..1e6bc747512 100644 --- a/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md +++ b/docs/queries/kubernetes-queries/1c621b8e-2c6a-44f5-bd6a-fb0fb7ba33e2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rotate_kubelet_server_certificate_not_active) ### Description diff --git a/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md b/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md index f0fc8bb8bbe..45c138db1f3 100644 --- a/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md +++ b/docs/queries/kubernetes-queries/1db3a5a5-bf75-44e5-9e44-c56cfc8b1ac5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_without_pod_disruption_budget) ### Description diff --git a/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md b/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md index 60e18184cad..a831fbc56b1 100644 --- a/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md +++ b/docs/queries/kubernetes-queries/1de5cc51-f376-4638-a940-20f2e85ae238.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 1390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/anonymous_auth_is_not_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md b/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md index 88a2d6d4089..2020a7a2578 100644 --- a/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md +++ b/docs/queries/kubernetes-queries/1e749bc9-fde8-471c-af0c-8254efd2dee5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/role_binding_to_default_service_account) ### Description diff --git a/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md b/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md index c2eb0fa16ec..d3719e88740 100644 --- a/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md +++ b/docs/queries/kubernetes-queries/1ffe7bf7-563b-4b3d-a71d-ba6bd8d49b37.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/namespace_lifecycle_admission_control_plugin_disabled) ### Description diff --git a/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md b/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md index 09f001f2e13..20cc001bafe 100644 --- a/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md +++ b/docs/queries/kubernetes-queries/2270987f-bb51-479f-b8be-3ca73e5ad648.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/net_raw_capabilities_disabled_for_psp) ### Description diff --git a/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md b/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md index 91db0ad7266..59cf9d8532a 100644 --- a/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md +++ b/docs/queries/kubernetes-queries/229588ef-8fde-40c8-8756-f4f2b5825ded.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/memory_requests_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md b/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md index ff80ca4ffb4..db539c052eb 100644 --- a/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md +++ b/docs/queries/kubernetes-queries/235236ee-ad78-4065-bd29-61b061f28ce0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_with_sys_admin_capabilities) ### Description diff --git a/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md b/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md index 641ef355c6e..d9fe306e628 100644 --- a/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md +++ b/docs/queries/kubernetes-queries/249328b8-5f0f-409f-b1dd-029f07882e11.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cluster_admin_role_binding_with_super_user_permissions) ### Description diff --git a/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md b/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md index c699e998b8c..d5254f402d1 100644 --- a/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md +++ b/docs/queries/kubernetes-queries/26763a1c-5dda-4772-b507-5fca7fb5f165.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 552 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_with_external_load_balancer) ### Description diff --git a/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md b/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md index bff1381adb9..1d06fccea7c 100644 --- a/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md +++ b/docs/queries/kubernetes-queries/268ca686-7fb7-4ae9-b129-955a2a89064e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/no_drop_capabilities_for_containers) ### Description diff --git a/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md b/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md index 8d6c95d7863..152f2b07feb 100644 --- a/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md +++ b/docs/queries/kubernetes-queries/2940d48a-dc5e-4178-a3f8-bfbd80720b41.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_read_only_port_is_not_set_to_zero) ### Description diff --git a/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md b/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md index 89628f361ca..1160927da91 100644 --- a/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md +++ b/docs/queries/kubernetes-queries/2b1836f1-dcce-416e-8e16-da8c71920633.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/workload_host_port_not_specified) ### Description diff --git a/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md b/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md index bf7d29f39dd..4c39baf0548 100644 --- a/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md +++ b/docs/queries/kubernetes-queries/2f491173-6375-4a84-b28e-a4e2b9a58a69.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/profiling_not_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md b/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md index 4cc6b3ecd35..0f429825c18 100644 --- a/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md +++ b/docs/queries/kubernetes-queries/2f652c42-619d-4361-b361-9f599688f8ca.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/hpa_targets_invalid_object) ### Description diff --git a/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md b/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md index 70e847fb27a..be7cd3d60d7 100644 --- a/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md +++ b/docs/queries/kubernetes-queries/302736f4-b16c-41b8-befe-c0baffa0bd9d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_pid_namespace) ### Description diff --git a/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md b/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md index 772866f56af..fc6b57e2944 100644 --- a/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md +++ b/docs/queries/kubernetes-queries/32ecd76e-7bbf-402e-bf48-8b9485749558.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/token_auth_file_is_set) ### Description diff --git a/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md b/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md index fa7a41b0671..2b06dfc704c 100644 --- a/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md +++ b/docs/queries/kubernetes-queries/33fc6923-6553-4fe6-9d3a-4efa51eb874b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/node_restriction_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md b/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md index 954ad4a6138..f1045772e16 100644 --- a/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md +++ b/docs/queries/kubernetes-queries/35c0a471-f7c8-4993-aa2c-503a3c712a66.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxsize_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md b/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md index 06cc40e64b1..8351e1224a0 100644 --- a/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md +++ b/docs/queries/kubernetes-queries/36a27826-1bf5-49da-aeb0-a60a30c0e834.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_client_certificate_or_key_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md b/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md index e9fcf3c9c26..ed5a51f4f82 100644 --- a/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md +++ b/docs/queries/kubernetes-queries/3878dc92-8e5d-47cf-9cdd-7590f71d21b9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/incorrect_volume_claim_access_mode_read_write_once) ### Description diff --git a/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md b/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md index 2a9a40e5f9c..3ceefd90e7d 100644 --- a/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md +++ b/docs/queries/kubernetes-queries/38fa11ef-dbcc-4da8-9680-7e1fd855b6fb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_portforwarding_permissions) ### Description diff --git a/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md b/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md index 27e3583b49a..7eaaaf0e313 100644 --- a/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md +++ b/docs/queries/kubernetes-queries/3ca03a61-3249-4c16-8427-6f8e47dda729.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_does_not_target_pod) ### Description diff --git a/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md b/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md index 657fcb7a80b..2d5ecbbb78a 100644 --- a/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md +++ b/docs/queries/kubernetes-queries/3d24b204-b73d-42cb-b0bf-1a5438c5f71e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/secure_port_set_to_zero) ### Description diff --git a/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md b/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md index c232f2a9e82..34a8c0d3325 100644 --- a/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md +++ b/docs/queries/kubernetes-queries/3d658f8b-d988-41a0-a841-40043121de1e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 526 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/secrets_as_environment_variables) ### Description diff --git a/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md b/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md index 358a9d5953a..0102089762d 100644 --- a/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md +++ b/docs/queries/kubernetes-queries/3f5ff8a7-5ad6-4d02-86f5-666307da1b20.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_client_certificate_file_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md b/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md index 4a65759868a..653dff419b6 100644 --- a/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md +++ b/docs/queries/kubernetes-queries/46a2e9ec-6a5f-4faa-9d39-4ea44d5d87a2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/bind_address_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md b/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md index 83bd9966aff..11bf7185554 100644 --- a/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md +++ b/docs/queries/kubernetes-queries/48471392-d4d0-47c0-b135-cdec95eb3eef.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_token_automount_not_disabled) ### Description diff --git a/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md b/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md index 3c929fa45fd..aebf53bdfbf 100644 --- a/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md +++ b/docs/queries/kubernetes-queries/48a5beba-e4c0-4584-a2aa-e6894e4cf424.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_resource_quota) ### Description diff --git a/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md b/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md index df8f1d58395..fa247a8a343 100644 --- a/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md +++ b/docs/queries/kubernetes-queries/49113af4-29ca-458e-b8d4-724c01a4a24f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 460 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/terminated_pod_garbage_collector_threshold_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md b/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md index 8d8610dd6bc..31be619bc19 100644 --- a/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md +++ b/docs/queries/kubernetes-queries/4a20ebac-1060-4c81-95d1-1f7f620e983b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_limit_range) ### Description diff --git a/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md b/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md index 5222d00e2ab..5c3ccdb9c78 100644 --- a/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md +++ b/docs/queries/kubernetes-queries/4ac0e2b7-d2d2-4af7-8799-e8de6721ccda.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cpu_limits_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md b/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md index 9a94beb349f..92c82c16099 100644 --- a/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md +++ b/docs/queries/kubernetes-queries/4d7ee40f-fc5d-427d-8cac-dffbe22d42d1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_node_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md b/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md index 4cbebb4e9bd..5a0515139ab 100644 --- a/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md +++ b/docs/queries/kubernetes-queries/510d5810-9a30-443a-817d-5c1fa527b110.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/weak_tls_cipher_suites) ### Description diff --git a/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md b/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md index 1e98d33737b..fe1ddb15deb 100644 --- a/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md +++ b/docs/queries/kubernetes-queries/52d70f2e-3257-474c-b3dc-8ad9ba6a061a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_client_periodic_certificate_switch_disabled) ### Description diff --git a/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md b/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md index f0968725c10..d3353bb4c19 100644 --- a/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md +++ b/docs/queries/kubernetes-queries/5308a7a8-06f8-45ac-bf10-791fe21de46e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/workload_mounting_with_sensitive_os_directory) ### Description diff --git a/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md b/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md index 185d68c414a..3591191c655 100644 --- a/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md +++ b/docs/queries/kubernetes-queries/5572cc5e-1e4c-4113-92a6-7a8a3bd25e6d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/privilege_escalation_allowed) ### Description diff --git a/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md b/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md index 4d15ab6396d..10c74e4888b 100644 --- a/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md +++ b/docs/queries/kubernetes-queries/5744cbb8-5946-4b75-a196-ade44449525b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/hpa_targeted_deployments_with_configured_replica_count) ### Description diff --git a/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md b/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md index f6698e0d17b..875eb365633 100644 --- a/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md +++ b/docs/queries/kubernetes-queries/583053b7-e632-46f0-b989-f81ff8045385.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/invalid_image) ### Description diff --git a/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md b/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md index 6fae2c9cfed..a1408173773 100644 --- a/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md +++ b/docs/queries/kubernetes-queries/591ade62-d6b0-4580-b1ae-209f80ba1cd9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_name_undefined_or_empty) ### Description diff --git a/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md b/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md index 14006f6ccdc..adb7860a5c8 100644 --- a/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md +++ b/docs/queries/kubernetes-queries/592ad21d-ad9b-46c6-8d2d-fad09d62a942.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/permissive_access_to_create_pods) ### Description diff --git a/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md b/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md index 0edd2850091..044a6b848eb 100644 --- a/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md +++ b/docs/queries/kubernetes-queries/5da47109-f8d6-4585-9e2b-96a8958a12f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 1390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/basic_auth_file_is_set) ### Description diff --git a/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md b/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md index e167aeb7661..3d13c42e5ae 100644 --- a/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md +++ b/docs/queries/kubernetes-queries/5f89001f-6dd9-49ff-9b15-d8cd71b617f4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 924 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_not_managing_ip_tables) ### Description diff --git a/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md b/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md index 6515feaddfc..c0572af5423 100644 --- a/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md +++ b/docs/queries/kubernetes-queries/611ab018-c4aa-4ba2-b0f6-a448337509a6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/using_unrecommended_namespace) ### Description diff --git a/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md b/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md index 56138cf1155..e98bfeee9ea 100644 --- a/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md +++ b/docs/queries/kubernetes-queries/69bbc5e3-0818-4150-89cc-1e989b48f23b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/ingress_controller_exposes_workload) ### Description diff --git a/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md b/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md index 4f4f3d055be..7c2f32a8d5e 100644 --- a/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md +++ b/docs/queries/kubernetes-queries/6a68bebe-c021-492e-8ddb-55b0567fb768.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/security_context_deny_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md b/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md index b90fc27e5dd..9b20e882559 100644 --- a/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md +++ b/docs/queries/kubernetes-queries/6b6bdfb3-c3ae-44cb-88e4-7405c1ba2c8a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_network_namespace) ### Description diff --git a/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md b/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md index 91bfe15dfb4..14147e791e9 100644 --- a/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md +++ b/docs/queries/kubernetes-queries/6b896afb-ca07-467a-b256-1a0077a1c08e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_wildcard_in_rule) ### Description diff --git a/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md b/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md index 6f60a310264..0fbaa84dd05 100644 --- a/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md +++ b/docs/queries/kubernetes-queries/6cf42c97-facd-4fda-b8af-ea4529123355.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_protect_kernel_defaults_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md b/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md index 17a45f6818b..0c9a69995c2 100644 --- a/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md +++ b/docs/queries/kubernetes-queries/6d173be7-545a-46c6-a81d-2ae52ed1605d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_is_deployed) ### Description diff --git a/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md b/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md index 87aee7722fa..e3b49154039 100644 --- a/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md +++ b/docs/queries/kubernetes-queries/7307579a-3abb-46ad-9ce5-2a915634d5c8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_with_added_capabilities) ### Description diff --git a/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md b/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md index 03a6b4d6c1c..31a20830bd2 100644 --- a/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md +++ b/docs/queries/kubernetes-queries/73e251f0-363d-4e53-86e2-0a93592437eb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_path_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md b/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md index e9666db727f..09acee2c0a1 100644 --- a/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md +++ b/docs/queries/kubernetes-queries/768aab52-2504-4a2f-a3e3-329d5a679848.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxbackup_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md b/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md index 5af05efba22..1c68d359d74 100644 --- a/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md +++ b/docs/queries/kubernetes-queries/7c81d34c-8e5a-402b-9798-9f442630e678.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_without_digest) ### Description diff --git a/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md b/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md index b2771fd1a3a..504760e73d6 100644 --- a/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md +++ b/docs/queries/kubernetes-queries/80f93444-b240-4ebb-a4c6-5c40b76c04ea.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_sharing_host_ipc) ### Description diff --git a/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md b/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md index 0874a5e108e..0c8c73e9ae1 100644 --- a/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md +++ b/docs/queries/kubernetes-queries/8320826e-7a9c-4b0b-9535-578333193432.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 288 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_allow_privilege_escalation) ### Description diff --git a/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md b/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md index 467ae888a58..8342a7c5df8 100644 --- a/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md +++ b/docs/queries/kubernetes-queries/845acfbe-3e10-4b8e-b656-3b404d36dfb2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_type_is_nodeport) ### Description diff --git a/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md b/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md index 8e0df0924f8..c2ba65288cb 100644 --- a/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md +++ b/docs/queries/kubernetes-queries/85ab1c5b-014e-4352-b5f8-d7dea3bb4fd3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/network_policy_is_not_targeting_any_pod) ### Description diff --git a/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md b/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md index 6c00df14b8d..38cdabf397e 100644 --- a/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md +++ b/docs/queries/kubernetes-queries/87554eef-154d-411d-bdce-9dbd91e56851.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_privilege_escalation) ### Description diff --git a/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md b/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md index c9bff0118b3..d6be4e328b1 100644 --- a/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md +++ b/docs/queries/kubernetes-queries/895a5a95-3756-4b04-9924-2f3bc93181bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_tls_certificate_not_properly_configured) ### Description diff --git a/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md b/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md index e0067880288..49360cc38e9 100644 --- a/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md +++ b/docs/queries/kubernetes-queries/8b36775e-183d-4d46-b0f7-96a6f34a723f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/missing_app_armor_config) ### Description diff --git a/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md b/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md index f17db421fb0..03f51283426 100644 --- a/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md +++ b/docs/queries/kubernetes-queries/8b862ca9-0fbd-4959-ad72-b6609bdaa22d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_service_is_not_deleted) ### Description diff --git a/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md b/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md index de818c77558..e8bba3e639c 100644 --- a/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md +++ b/docs/queries/kubernetes-queries/8cf4671a-cf3d-46fc-8389-21e7405063a2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_requests_storage) ### Description diff --git a/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md b/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md index ed7b252d65a..0175355e5ef 100644 --- a/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md +++ b/docs/queries/kubernetes-queries/9127f0d9-2310-42e7-866f-5fd9d20dcbad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cluster_allows_unsafe_sysctls) ### Description diff --git a/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md b/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md index af90dea5514..aaa562e2aff 100644 --- a/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md +++ b/docs/queries/kubernetes-queries/91dacd0e-d189-4a9c-8272-5999a3cc32d9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_allows_sharing_host_pid) ### Description diff --git a/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md b/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md index 8832ad13e58..e4ed953596b 100644 --- a/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md +++ b/docs/queries/kubernetes-queries/9391103a-d8d7-4671-ac5d-606ba7ccb0ac.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_client_certificate_authentication_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md b/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md index 4ad7cbd9dcd..40220e472f8 100644 --- a/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md +++ b/docs/queries/kubernetes-queries/94b76ea5-e074-4ca2-8a03-c5a606e30645.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/object_is_using_a_deprecated_api_version) ### Description diff --git a/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md b/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md index 7ef7b3d1243..3cc20e0c673 100644 --- a/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md +++ b/docs/queries/kubernetes-queries/9587c890-0524-40c2-9ce2-663af7c2f063.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_admission_control_plugin_disabled) ### Description diff --git a/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md b/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md index 46d10fc1df0..934f8c10bd7 100644 --- a/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md +++ b/docs/queries/kubernetes-queries/98ce8b81-7707-4734-aa39-627c6db3d84b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/auto_tls_set_to_true) ### Description diff --git a/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md b/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md index a365c88bda6..0a0a7d730f9 100644 --- a/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md +++ b/docs/queries/kubernetes-queries/9f85c3f6-26fd-4007-938a-2e0cb0100980.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_impersonate_permission) ### Description diff --git a/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md b/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md index 2d27a2e5ee6..5a7a089634d 100644 --- a/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md +++ b/docs/queries/kubernetes-queries/a31b7b82-d994-48c4-bd21-3bab6c31827a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/deployment_has_no_pod_anti_affinity) ### Description diff --git a/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md b/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md index c90d45c9e27..d5ba6aa0b46 100644 --- a/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md +++ b/docs/queries/kubernetes-queries/a33e9173-b674-4dfb-9d82-cf3754816e4b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_containers_share_host_network_namespace) ### Description diff --git a/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md b/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md index 4740169c317..6c903cee1f3 100644 --- a/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md +++ b/docs/queries/kubernetes-queries/a5530bd7-225a-48f9-91bb-f40b04200165.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_lookup_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md b/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md index a15335940f6..b308857d758 100644 --- a/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md +++ b/docs/queries/kubernetes-queries/a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/readiness_probe_is_not_configured) ### Description diff --git a/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md b/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md index cbb1a92ea82..c9c56a98842 100644 --- a/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md +++ b/docs/queries/kubernetes-queries/a6f34658-fdfb-4154-9536-56d516f65828.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/docker_daemon_socket_is_exposed_to_containers) ### Description diff --git a/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md b/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md index 9a24827c0f6..428f7974ad6 100644 --- a/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md +++ b/docs/queries/kubernetes-queries/a77f4d07-c6e0-4a48-8b35-0eeb51576f4f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/always_pull_images_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md b/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md index 2a2e418d859..1913ef27bb2 100644 --- a/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md +++ b/docs/queries/kubernetes-queries/a97a340a-0063-418e-b3a1-3028941d0995.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_or_container_without_security_context) ### Description diff --git a/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md b/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md index 39b167f9e2c..f2cf5191466 100644 --- a/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md +++ b/docs/queries/kubernetes-queries/a9c2f49d-0671-4fc9-9ece-f4e261e128d0.md @@ -20,11 +20,11 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_container_not_mounted_as_read_only) ### Description -Check if the root container filesystem is not being mounted read-only.
+Check if the root container filesystem is not being mounted as read-only.
[Documentation](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) ### Code samples diff --git a/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md b/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md index 7410d83ce5d..09a6ec0cc0e 100644 --- a/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md +++ b/docs/queries/kubernetes-queries/aa8f7a35-9923-4cad-bd61-a19b7f6aac91.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/non_kube_system_pod_with_host_mount) ### Description diff --git a/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md b/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md index 0ce8800457f..92e3591c035 100644 --- a/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md +++ b/docs/queries/kubernetes-queries/ade74944-a674-4e00-859e-c6eab5bde441.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/liveness_probe_is_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md b/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md index c69cf42a5e4..adf26ab3846 100644 --- a/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md +++ b/docs/queries/kubernetes-queries/ae8827e2-4af9-4baa-9998-87539ae0d6f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/peer_auto_tls_set_to_true) ### Description diff --git a/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md b/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md index 054f8e0426e..65c5f9d65c3 100644 --- a/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md +++ b/docs/queries/kubernetes-queries/afa36afb-39fe-4d94-b9b6-afb236f7a03d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/pod_security_policy_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md b/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md index fe58511ea10..36e0e36cfa6 100644 --- a/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md +++ b/docs/queries/kubernetes-queries/b14d1bc4-a208-45db-92f0-e21f8e2588e9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/memory_limits_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md b/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md index ae5ebf6322e..a14baedf1d6 100644 --- a/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md +++ b/docs/queries/kubernetes-queries/b23e9b98-0cb6-4fc9-b257-1f3270442678.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/deployment_without_pod_disruption_budget) ### Description diff --git a/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md b/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md index e3fd4f84f01..35b33412ec7 100644 --- a/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md +++ b/docs/queries/kubernetes-queries/b7652612-de4e-4466-a0bf-1cd81f0c6063.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/volume_mount_with_os_directory_write_permissions) ### Description diff --git a/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md b/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md index 2e13b39fa98..fb1ecfb3ee4 100644 --- a/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md +++ b/docs/queries/kubernetes-queries/b7bca5c4-1dab-4c2c-8cbe-3050b9d59b14.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_read_secrets_permissions) ### Description diff --git a/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md b/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md index 7a17c3383d0..8568d22959c 100644 --- a/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md +++ b/docs/queries/kubernetes-queries/b7d0181d-0a9b-4611-9d1c-1ad4f0b620ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/etcd_peer_client_certificate_authentication_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md b/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md index ae88bf64804..541198c8cd2 100644 --- a/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md +++ b/docs/queries/kubernetes-queries/b9380fd3-5ffe-4d10-9290-13e18e71eee1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/insecure_bind_address_set) ### Description diff --git a/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md b/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md index e73eaadda28..0c088cb6117 100644 --- a/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md +++ b/docs/queries/kubernetes-queries/b9c83569-459b-4110-8f79-6305aa33cb37.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/using_kubernetes_native_secret_management) ### Description diff --git a/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md b/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md index e4457a4d6f4..5472f85d26d 100644 --- a/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md +++ b/docs/queries/kubernetes-queries/bb241e61-77c3-4b97-9575-c0f8a1e008d0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_without_service_name) ### Description diff --git a/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md b/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md index aff9ed2f704..075800c03a2 100644 --- a/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md +++ b/docs/queries/kubernetes-queries/bf36b900-b5ef-4828-adb7-70eb543b7cfb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_hostname_override_is_set) ### Description diff --git a/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md b/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md index a1aff0e3cc4..c06f4355138 100644 --- a/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md +++ b/docs/queries/kubernetes-queries/c1032cf7-3628-44e2-bd53-38c17cf31b6b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_service_account) ### Description diff --git a/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md b/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md index 67950902fd4..c349962b19d 100644 --- a/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md +++ b/docs/queries/kubernetes-queries/c48e57d3-d642-4e0b-90db-37f807b41b91.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_set_to_privileged) ### Description diff --git a/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md b/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md index 870c13d786b..0d59110af2e 100644 --- a/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md +++ b/docs/queries/kubernetes-queries/c589f42c-7924-4871-aee2-1cede9bc7cbc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_exec_permission) ### Description diff --git a/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md b/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md index 8c2173b097a..33648fe8d8d 100644 --- a/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md +++ b/docs/queries/kubernetes-queries/ca469dd4-c736-448f-8ac1-30a642705e0a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/cpu_requests_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md b/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md index db595dbb5eb..2d42bad5ac4 100644 --- a/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md +++ b/docs/queries/kubernetes-queries/caa3479d-885d-4882-9aac-95e5e78ef5c2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/image_pull_policy_of_container_is_not_always) ### Description diff --git a/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md b/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md index d292c3ba19e..62a91c246a1 100644 --- a/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md +++ b/docs/queries/kubernetes-queries/caa93370-791f-4fc6-814b-ba6ce0cb4032.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 770 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/not_limited_capabilities_for_pod_security_policy) ### Description diff --git a/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md b/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md index 9ac83e21beb..38c52ae68e7 100644 --- a/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md +++ b/docs/queries/kubernetes-queries/cb7e695d-6a85-495c-b15f-23aed2519303.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/not_unique_certificate_authority) ### Description diff --git a/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md b/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md index c8b6f3e78cb..bb804b11d28 100644 --- a/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md +++ b/docs/queries/kubernetes-queries/cbd2db69-0b21-4c14-8a40-7710a50571a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/encryption_provider_config_is_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md b/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md index 25928a0d797..a6425cc64a0 100644 --- a/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md +++ b/docs/queries/kubernetes-queries/ccc98ff7-68a7-436e-9218-185cb0b0b780.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_private_key_file_not_defined) ### Description diff --git a/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md b/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md index 44d90608ea3..e28040bbd86 100644 --- a/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md +++ b/docs/queries/kubernetes-queries/cd290efd-6c82-4e9d-a698-be12ae31d536.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/shared_host_ipc_namespace) ### Description diff --git a/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md b/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md index ed8c8a65154..744ebcf3185 100644 --- a/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md +++ b/docs/queries/kubernetes-queries/cdc8b54e-6b16-4538-a1b0-35849dbe29cf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_https_set_to_false) ### Description diff --git a/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md b/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md index c20876ecd3b..fc997cb91e8 100644 --- a/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md +++ b/docs/queries/kubernetes-queries/ce30e584-b33f-4c7d-b418-a3d7027f8f60.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/always_admit_admission_control_plugin_set) ### Description diff --git a/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md b/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md index 2ec2999f241..1dbdc4eabfb 100644 --- a/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md +++ b/docs/queries/kubernetes-queries/cf34805e-3872-4c08-bf92-6ff7bb0cfadb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/containers_running_as_root) ### Description diff --git a/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md b/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md index 022328cd9a2..b25ed53a366 100644 --- a/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md +++ b/docs/queries/kubernetes-queries/d2ad057f-0928-41ef-a83c-f59203bb855b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/dashboard_is_enabled) ### Description diff --git a/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md b/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md index 8f671ce89f7..1c18861a489 100644 --- a/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md +++ b/docs/queries/kubernetes-queries/d45330fd-f58d-45fb-a682-6481477a0f84.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/rbac_roles_with_attach_permission) ### Description diff --git a/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md b/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md index a7103edeb2b..bf6164593d1 100644 --- a/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md +++ b/docs/queries/kubernetes-queries/d740d048-8ed3-49d3-b77b-6f072f3b669e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/statefulset_has_no_pod_anti_affinity) ### Description diff --git a/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md b/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md index 383e897abfd..776339fb6db 100644 --- a/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md +++ b/docs/queries/kubernetes-queries/d89a15bb-8dba-4c71-9529-bef6729b9c09.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/request_timeout_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md b/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md index 83586151b53..88c97057770 100644 --- a/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md +++ b/docs/queries/kubernetes-queries/da9f3aa8-fbfb-472f-b5a1-576127944218.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/audit_log_maxage_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md b/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md index a690649fffe..8d26da230da 100644 --- a/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md +++ b/docs/queries/kubernetes-queries/dab4ec72-ce2e-4732-b7c3-1757dcce01a1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/service_account_key_file_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md b/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md index a1f065a9ec1..aa02b2bfd47 100644 --- a/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md +++ b/docs/queries/kubernetes-queries/dbbc6705-d541-43b0-b166-dd4be8208b54.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/net_raw_capabilities_not_being_dropped) ### Description diff --git a/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md b/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md index 8b77d9d7b13..394ed3c0eef 100644 --- a/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md +++ b/docs/queries/kubernetes-queries/dd29336b-fe57-445b-a26e-e6aa867ae609.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/container_is_privileged) ### Description diff --git a/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md b/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md index d5f716ea2b5..28aae049b72 100644 --- a/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md +++ b/docs/queries/kubernetes-queries/de4421f1-4e35-43b4-9783-737dd4e4a47e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/psp_with_unrestricted_access_to_host_path) ### Description diff --git a/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md b/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md index f725564033c..a3c6f4f305e 100644 --- a/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md +++ b/docs/queries/kubernetes-queries/e0099af2-fe17-411f-9991-0de28fe15f3c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/event_rate_limit_admission_control_plugin_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md b/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md index c593d39c3a7..d8139116e21 100644 --- a/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md +++ b/docs/queries/kubernetes-queries/e0e00aba-5f1c-4981-a542-9a9563c0ee20.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 1390 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/client_certificate_authentication_not_setup_properly) ### Description diff --git a/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md b/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md index ef25c0a9bb6..a1489eb48ea 100644 --- a/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md +++ b/docs/queries/kubernetes-queries/e17fa86a-6222-4584-a914-56e8f6c87e06.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 286 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tiller_deployment_is_accessible_from_within_the_cluster) ### Description diff --git a/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md b/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md index 292ce0edf8d..9846b5aa139 100644 --- a/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md +++ b/docs/queries/kubernetes-queries/e3aa0612-4351-4a0d-983f-aefea25cf203.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/root_containers_admitted) ### Description diff --git a/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md b/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md index fa62437acbc..29ca240a18b 100644 --- a/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md +++ b/docs/queries/kubernetes-queries/e84eaf4d-2f45-47b2-abe8-e581b06deb66.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Info - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/ensure_administrative_boundaries_between_resources) ### Description diff --git a/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md b/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md index bdc76a7f281..8278fac06e9 100644 --- a/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md +++ b/docs/queries/kubernetes-queries/ec18a0d3-0069-4a58-a7fb-fbfe0b4bbbe0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_certificate_authority_not_set) ### Description diff --git a/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md b/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md index f2a1b0f7909..3a94eadd8f8 100644 --- a/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md +++ b/docs/queries/kubernetes-queries/ed89b97d-04e9-4fd4-919f-ee5b27e555e9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/kubelet_streaming_connection_timeout_disabled) ### Description diff --git a/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md b/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md index d6b118f9a9d..61218e4fdc6 100644 --- a/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md +++ b/docs/queries/kubernetes-queries/f1f4d8da-1ac4-47d0-b1aa-91e69d33f7d5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/authorization_mode_set_to_always_allow) ### Description diff --git a/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md b/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md index c7bb1f040a1..3d6a37d2fcb 100644 --- a/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md +++ b/docs/queries/kubernetes-queries/f377b83e-bd07-4f48-a591-60c82b14a78b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/seccomp_profile_is_not_configured) ### Description diff --git a/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md b/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md index 20e31afec6a..f4ec644a3a7 100644 --- a/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md +++ b/docs/queries/kubernetes-queries/f922827f-aab6-447c-832a-e1ff63312bd3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/container_runs_unmasked) ### Description diff --git a/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md b/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md index baa09186688..2c814b6657a 100644 --- a/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md +++ b/docs/queries/kubernetes-queries/fa4def8c-1898-4a35-a139-7b76b1acdef0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/insecure_port_not_properly_set) ### Description diff --git a/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md b/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md index 82c29e0305e..621737b8baf 100644 --- a/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md +++ b/docs/queries/kubernetes-queries/fa750c81-93c2-4fab-9c6d-d3fd3ce3b89f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Kubernetes - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/k8s/tls_connection_certificate_not_setup) ### Description diff --git a/docs/queries/openapi-queries.md b/docs/queries/openapi-queries.md index 784b09d3d80..9ce0b102c96 100644 --- a/docs/queries/openapi-queries.md +++ b/docs/queries/openapi-queries.md @@ -47,12 +47,12 @@ Below are listed queries related to OpenAPI 2.0: |Operation Example Mismatch Produces MimeType
2cf35b40-ded3-43d6-9633-c8dcc8bcc822|Info|Structure and Semantics|Query details
Documentation
| |Operation Object Parameters With 'body' And 'formatData' locations
eb3f9744-d24e-4614-b1ff-2a9514eca21c|Info|Structure and Semantics|Query details
Documentation
| |Parameter File Type Not In 'formData'
c3cab8c4-6c52-47a9-942b-c27f26fbd7d2|Info|Structure and Semantics|Query details
Documentation
| -|Parameter JSON Reference Does Not Exists (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|Info|Structure and Semantics|Query details
Documentation
| +|Parameter JSON Reference Does Not Exist (v2)
fb889ae9-2d16-40b5-b41f-9da716c5abc1|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Incorrect Ref (v2)
2596545e-1757-4ff7-a15a-8a9a180a42f3|Info|Structure and Semantics|Query details
Documentation
| |Property Not Unique
750b40be-4bac-4f59-bdc4-1ca0e6c3450e|Info|Structure and Semantics|Query details
Documentation
| |Response Object With Incorrect Ref (v2)
bccfa089-89e4-47e0-a0e5-185fe6902220|Info|Structure and Semantics|Query details
Documentation
| |Responses JSON Reference Does Not Exists (v2)
e9db5fb4-6a84-4abb-b4af-3b94fbdace6d|Info|Structure and Semantics|Query details
Documentation
| -|Schema JSON Reference Does Not Exists (v2)
98295b32-ec09-4b5b-89a9-39853197f914|Info|Structure and Semantics|Query details
Documentation
| +|Schema JSON Reference Does Not Exist (v2)
98295b32-ec09-4b5b-89a9-39853197f914|Info|Structure and Semantics|Query details
Documentation
| |Schema Object Incorrect Ref (v2)
0220e1c5-65d1-49dd-b7c2-cef6d6cb5283|Info|Structure and Semantics|Query details
Documentation
| |Unknown Property (v2)
429b2106-ba37-43ba-9727-7f699cc611e1|Info|Structure and Semantics|Query details
Documentation
| @@ -101,33 +101,33 @@ Below are listed queries related to OpenAPI 3.0: |Property 'explode' of Encoding Object Ignored
a4dd69b8-49fa-45d2-a060-c76655405b05|Info|Best Practices|Query details
Documentation
| |Property 'style' of Encoding Object Ignored
d3ea644a-9a5c-4fee-941f-f8a6786c0470|Info|Best Practices|Query details
Documentation
| |Unknown Prefix (v3)
a5375be3-521c-43bb-9eab-e2432e368ee4|Info|Best Practices|Query details
Documentation
| -|Callback JSON Reference Does Not Exists
f29904c8-6041-4bca-b043-dfa0546b8079|Info|Structure and Semantics|Query details
Documentation
| +|Callback JSON Reference Does Not Exist
f29904c8-6041-4bca-b043-dfa0546b8079|Info|Structure and Semantics|Query details
Documentation
| |Callback Object With Incorrect Ref
ba066cda-e808-450d-92b6-f29109754d45|Info|Structure and Semantics|Query details
Documentation
| |Components Object Fixed Field Key Improperly Named
151331e2-11f4-4bb6-bd35-9a005e695087|Info|Structure and Semantics|Query details
Documentation
| |Empty Array
5915c20f-dffa-4cee-b5d4-f457ddc0151a|Info|Structure and Semantics|Query details
Documentation
| |Encoding Map Key Mismatch Schema Defined Properties
cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b|Info|Structure and Semantics|Query details
Documentation
| -|Example JSON Reference Does Not Exists
6a2c219f-da5e-4745-941e-5ea8cde23356|Info|Structure and Semantics|Query details
Documentation
| +|Example JSON Reference Does Not Exist
6a2c219f-da5e-4745-941e-5ea8cde23356|Info|Structure and Semantics|Query details
Documentation
| |Example JSON Reference Outside Components Examples
bac56e3c-1f71-4a74-8ae6-2fba07efcddb|Info|Structure and Semantics|Query details
Documentation
| -|Header JSON Reference Does Not Exists
376c9390-7e9e-4cb8-a067-fd31c05451fd|Info|Structure and Semantics|Query details
Documentation
| +|Header JSON Reference Does Not Exist
376c9390-7e9e-4cb8-a067-fd31c05451fd|Info|Structure and Semantics|Query details
Documentation
| |Header Object With Incorrect Ref
2d6646f4-2946-420f-8c14-3232d49ae0cb|Info|Structure and Semantics|Query details
Documentation
| |Invalid Content Type For Multiple Files Upload
26f06397-36d8-4ce7-b993-17711261d777|Info|Structure and Semantics|Query details
Documentation
| -|Link JSON Reference Does Not Exists
801f0c6a-a834-4467-89c6-ddecffb46b5a|Info|Structure and Semantics|Query details
Documentation
| +|Link JSON Reference Does Not Exist
801f0c6a-a834-4467-89c6-ddecffb46b5a|Info|Structure and Semantics|Query details
Documentation
| |Link Object Incorrect Ref
b9db8a10-020c-49ca-88c6-780e5fdb4328|Info|Structure and Semantics|Query details
Documentation
| |Link Object OperationId Does Not Target Operation Object
c5bb7461-aa57-470b-a714-3bc3d74f4669|Info|Structure and Semantics|Query details
Documentation
| |Link Object With Both 'operationId' And 'operationRef'
60fb6621-9f02-473b-9424-ba9a825747d3|Info|Structure and Semantics|Query details
Documentation
| |Object Without Required Property (v3)
d172a060-8569-4412-8045-3560ebd477e8|Info|Structure and Semantics|Query details
Documentation
| -|Parameter JSON Reference Does Not Exists (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|Info|Structure and Semantics|Query details
Documentation
| +|Parameter JSON Reference Does Not Exist (v3)
2e275f16-b627-4d3f-ae73-a6153a23ae8f|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object Content With Multiple Entries
8bfed1c6-2d59-4924-bc7f-9b9d793ed0df|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Incorrect Ref (v3)
d40f27e6-15fb-4b56-90f8-fc0ff0291c51|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Schema And Content
31dd6fc0-f274-493b-9614-e063086c19fc|Info|Structure and Semantics|Query details
Documentation
| |Parameter Object With Undefined Type
46facedc-f243-4108-ab33-583b807d50b0|Info|Structure and Semantics|Query details
Documentation
| |Property 'allowReserved' Improperly Defined
7f203940-39c4-4ea7-91ee-7aba16bca9e2|Info|Structure and Semantics|Query details
Documentation
| -|Request Body JSON Reference Does Not Exists
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|Info|Structure and Semantics|Query details
Documentation
| +|Request Body JSON Reference Does Not Exist
ca02f4e8-d3ae-4832-b7db-bb037516d9e7|Info|Structure and Semantics|Query details
Documentation
| |Request Body Object With Incorrect Media Type
58f06434-a88c-4f74-826c-db7e10cc7def|Info|Structure and Semantics|Query details
Documentation
| |Request Body With Incorrect Ref
0f6cd0ab-c366-4595-84fc-fbd8b9901e4d|Info|Structure and Semantics|Query details
Documentation
| -|Response JSON Reference Does Not Exists (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|Info|Structure and Semantics|Query details
Documentation
| +|Response JSON Reference Does Not Exist (v3)
7a01dfbd-da62-4165-aed7-71349ad42ab4|Info|Structure and Semantics|Query details
Documentation
| |Response Object With Incorrect Ref (v3)
b3871dd8-9333-4d6c-bd52-67eb898b71ab|Info|Structure and Semantics|Query details
Documentation
| -|Schema JSON Reference Does Not Exists (v3)
015eac96-6313-43c0-84e5-81b1374fa637|Info|Structure and Semantics|Query details
Documentation
| +|Schema JSON Reference Does Not Exist (v3)
015eac96-6313-43c0-84e5-81b1374fa637|Info|Structure and Semantics|Query details
Documentation
| |Schema Object Incorrect Ref (v3)
4cac7ace-b0fb-477d-830d-65395d9109d9|Info|Structure and Semantics|Query details
Documentation
| |Schema With Both ReadOnly And WriteOnly
d2361d58-361c-49f0-9e50-b957fd608b29|Info|Structure and Semantics|Query details
Documentation
| |Security Field Undefined
ab1263c2-81df-46f0-9f2c-0b62fdb68419|Info|Structure and Semantics|Query details
Documentation
| @@ -146,29 +146,29 @@ Below are listed queries related to OpenAPI SHARED (V2/V3): | Query |Severity|Category|More info| |------------------------------|--------|--------|-----------| -|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|High|Access Control|
Documentation
| +|Global Security Field Has An Empty Array (v2)
da31d54b-ad54-41dc-95eb-8b3828629213|High|Access Control|Security object need to have defined rules in its array and rules should be defined on securityScheme
Documentation
| |Global Security Field Has An Empty Array (v3)
d674aea4-ba8b-454b-bb97-88a772ea33f0|High|Access Control|Query details
Documentation
| -|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|High|Access Control|
Documentation
| +|Global security field has an empty object (v2)
292919fb-7b26-4454-bee9-ce29094768dd|High|Access Control|Global security definition must not have empty objects
Documentation
| |Global security field has an empty object (v3)
543e38f4-1eee-479e-8eb0-15257013aa0a|High|Access Control|Query details
Documentation
| |Global Security Field Is Undefined (v2)
74703c89-0ea2-49ab-a7db-bf04f19f5a57|High|Access Control|Global security field should be defined to prevent API to have insecure paths and have this rules defined on securityDefinitions
Documentation
| |Global Security Field Is Undefined (v3)
8af270ce-298b-4405-9922-82a10aee7a4f|High|Access Control|Query details
Documentation
| -|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|High|Access Control|
Documentation
| +|No Global And Operation Security Defined (v2)
586abcee-9653-462d-ad7b-2638a32bd6e6|High|Access Control|All paths should have security scheme, if it is omitted, global security field should be defined
Documentation
| |No Global And Operation Security Defined (v3)
96729c6b-7400-4d9e-9807-17f00cdde4d2|High|Access Control|Query details
Documentation
| -|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|High|Access Control|
Documentation
| +|Security Field On Operations Has An Empty Array (v2)
5d29effc-5d68-481f-9721-d74e5919226b|High|Access Control|Security object for operations, if defined, must define a security scheme, otherwise it should be considered an error
Documentation
| |Security Field On Operations Has An Empty Array (v3)
663c442d-f918-4f62-b096-0bf5dcbeb655|High|Access Control|Query details
Documentation
| -|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|High|Access Control|
Documentation
| +|Security Field On Operations Has An Empty Object Definition (v2)
74581e3b-1d55-4323-a139-5959a7b3abc5|High|Access Control|Security object for operations should not be empty object or has any empty object definition
Documentation
| |Security Field On Operations Has An Empty Object Definition (v3)
baade968-7467-41e4-bf22-83ca222f5800|High|Access Control|Query details
Documentation
| |Array Without Maximum Number of Items (v2)
99eb2c95-2040-4104-9e7c-e16f7474d218|Medium|Insecure Configurations|Array schema/parameter should have the field 'maxItems' set
Documentation
| |Array Without Maximum Number of Items (v3)
6998389e-66b2-473d-8d05-c8d71ac4d04d|Medium|Insecure Configurations|Query details
Documentation
| -|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|Medium|Insecure Configurations|
Documentation
| +|JSON Object Schema Without Properties (v2)
3d28f751-bc18-4f83-ace0-216b6086410b|Medium|Insecure Configurations|Schema of the JSON object should have properties defined and 'additionalProperties' set to false.
Documentation
| |JSON Object Schema Without Properties (v3)
9d967a2b-9d64-41a6-abea-dfc4960299bd|Medium|Insecure Configurations|Query details
Documentation
| -|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|Medium|Insecure Configurations|
Documentation
| +|JSON Object Schema Without Type (v2)
62d52544-82ef-4b75-8308-cad49d50212b|Medium|Insecure Configurations|Schema of the JSON object should have 'type' defined.
Documentation
| |JSON Object Schema Without Type (v3)
e2ffa504-d22a-4c94-b6c5-f661849d2db7|Medium|Insecure Configurations|Query details
Documentation
| |Pattern Undefined (v2)
afde15cf-9444-4126-8c62-41cd79db1d1d|Medium|Insecure Configurations|String schema/parameter/header should have 'pattern' defined.
Documentation
| |Pattern Undefined (v3)
00b78adf-b83f-419c-8ed8-c6018441dd3a|Medium|Insecure Configurations|Query details
Documentation
| -|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|Medium|Insecure Configurations|
Documentation
| +|Schema Object is Empty (v2)
967575e5-eb44-4c24-aadb-7e33608ed30a|Medium|Insecure Configurations|The Schema Object should not be empty to avoid accepting any JSON values
Documentation
| |Schema Object is Empty (v3)
500ce696-d501-41dd-86eb-eceb011a386f|Medium|Insecure Configurations|Query details
Documentation
| -|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|Medium|Networking and Firewall|
Documentation
| +|Response on operations that should have a body has undefined schema (v2)
31afbcb7-70e0-48bb-a31a-3374f95cf859|Medium|Networking and Firewall|If a response is not head or its code is not 204 or 304, it should have a schema defined
Documentation
| |Response on operations that should have a body has undefined schema (v3)
a92be1d5-d762-484a-86d6-8cd0907ba100|Medium|Networking and Firewall|Query details
Documentation
| |API Key Exposed In Global Security (v2)
533a0d13-6e89-4551-ae33-bce14e5849c1|Low|Access Control|API Keys should be transported using a secure method such as HTTPS. Define a security scheme that uses a secure method to transport the API key.
Documentation
| |API Key Exposed In Global Security (v3)
aecee30b-8ea1-4776-a99c-d6d600f0862f|Low|Access Control|Query details
Documentation
| @@ -176,117 +176,117 @@ Below are listed queries related to OpenAPI SHARED (V2/V3): |API Key Exposed In Operation Security (v3)
281b8071-6226-4a43-911d-fec246d422c2|Low|Access Control|Query details
Documentation
| |Array Items Has No Type (v2)
8697a1a4-82c6-4603-8ac8-57529756744e|Low|Insecure Configurations|Schema/Parameter array items type should be defined
Documentation
| |Array Items Has No Type (v3)
be0e0df7-f3d9-42a1-9b6f-d425f94872c4|Low|Insecure Configurations|Query details
Documentation
| -|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|Low|Insecure Configurations|
Documentation
| +|Invalid Format (v2)
caf1793e-95dd-4b18-8d90-8f3c0ab5bddf|Low|Insecure Configurations|The format should be valid for the type defined. For integer type must be int32 or int64 and number type must be float or double
Documentation
| |Invalid Format (v3)
d929c031-078f-4241-b802-e224656ad890|Low|Insecure Configurations|Query details
Documentation
| |Maximum Length Undefined (v2)
2ec86e48-ab90-4cb6-a131-0502afd1f442|Low|Insecure Configurations|String schema/parameter/header should have 'maxLength' defined.
Documentation
| |Maximum Length Undefined (v3)
8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Format (v2)
3ed8fc82-c2bb-49e0-811f-c53923674c49|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'format' defined.
Documentation
| |Numeric Schema Without Format (v3)
fbf699b5-ef74-4542-9cf1-f6eeac379373|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Maximum (v2)
203eee11-15b6-4d47-b888-4c7f534967ee|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'maximum' defined.
Documentation
| |Numeric Schema Without Maximum (v3)
2ea04bef-c769-409e-9179-ee3a50b5c0ac|Low|Insecure Configurations|Query details
Documentation
| -|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|Low|Insecure Configurations|
Documentation
| +|Numeric Schema Without Minimum (v2)
efd1dfc8-da91-4909-a3f3-c23abc5ec799|Low|Insecure Configurations|Numeric schema (type set to 'integer' or 'number') should have 'minimum' defined.
Documentation
| |Numeric Schema Without Minimum (v3)
181bd815-767e-4e95-a24d-bb3c87328e19|Low|Insecure Configurations|Query details
Documentation
| -|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|Low|Insecure Configurations|
Documentation
| +|String Schema with Broad Pattern (v2)
e4a019f0-9af3-49c8-bf68-1939a6ff240d|Low|Insecure Configurations|String schema should restrict the pattern
Documentation
| |String Schema with Broad Pattern (v3)
8c81d6c0-716b-49ec-afa5-2d62da4e3f3c|Low|Insecure Configurations|Query details
Documentation
| -|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|Low|Networking and Firewall|
Documentation
| +|Default Response Undefined On Operations (v2)
5f34c7ae-4f3f-4cbb-8fe3-a11d6961062f|Low|Networking and Firewall|Operations responses should have a default response defined
Documentation
| |Default Response Undefined On Operations (v3)
86e3702f-c868-44b2-b61d-ea5316c18110|Low|Networking and Firewall|Query details
Documentation
| -|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|Low|Networking and Firewall|
Documentation
| +|Response Code Missing (v2)
6e96ed39-bf45-4089-99ba-f1fe7cf6966f|Low|Networking and Firewall|500, 429 and 400 responses should be defined for all operations, except head operation. 415 response should be defined for the post, put, and patch operations. 404 response should be defined for the get, put, head, delete operations. 200 response should be defined for options operation. 401 and 403 response should be defined for all operations when the security field is defined.
Documentation
| |Response Code Missing (v3)
6c35d2c6-09f2-4e5c-a094-e0e91327071d|Low|Networking and Firewall|Query details
Documentation
| |Response on operations that should not have a body has declared content (v2)
268defd2-2839-4e15-8cbc-de86eb38c231|Low|Networking and Firewall|If a response is head or its code is 204 or 304, it shouldn't have a schema defined
Documentation
| |Response on operations that should not have a body has declared content (v3)
12a7210b-f4b4-47d0-acac-0a819e2a0ca3|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Delete Operation (v2)
ad432855-b7fb-4429-92a3-93b5ce34f0b1|Low|Networking and Firewall|Delete should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Delete Operation (v3)
3b497874-ae59-46dd-8d72-1868a3b8f150|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Get Operation (v2)
9b633f3b-c94b-4fbb-a65b-1a4e9134fb63|Low|Networking and Firewall|Get should define at least one success response (200 or 202)
Documentation
| |Success Response Code Undefined for Get Operation (v3)
b2f275be-7d64-4064-b418-be6b431363a7|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Head Operation (v2)
4f0b30e3-a498-4dd7-b3f2-f4b6471a8d5a|Low|Networking and Firewall|Head should define at least one success response (200 or 202)
Documentation
| |Success Response Code Undefined for Head Operation (v3)
3b066059-f411-4554-ac8d-96f32bff90da|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Patch Operation (v2)
f36e87cc-a209-4f37-8571-66833e4aead7|Low|Networking and Firewall|Patch should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Patch Operation (v3)
1908a8ee-927d-4166-8f18-241152170cc1|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Post Operation (v2)
9fedee41-2e6d-4091-b011-4a16b4c18c70|Low|Networking and Firewall|Post should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Post Operation (v3)
f368dd2d-9344-4146-a05b-7c6faa1269ad|Low|Networking and Firewall|Query details
Documentation
| -|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|Low|Networking and Firewall|
Documentation
| +|Success Response Code Undefined for Put Operation (v2)
965a043f-5f3c-4d0a-be72-d9ce12fdb4d6|Low|Networking and Firewall|Put should define at least one success response (200, 201, 202 or 204)
Documentation
| |Success Response Code Undefined for Put Operation (v3)
60b5f56b-66ff-4e1c-9b62-5753e16825bc|Low|Networking and Firewall|Query details
Documentation
| -|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|Info|Best Practices|
Documentation
| +|Example Not Compliant With Schema Type (v2)
448db771-06ea-4dee-b48c-1689cbfb4b43|Info|Best Practices|Examples values and fields should be compliant with the schema type
Documentation
| |Example Not Compliant With Schema Type (v3)
881a6e71-c2a7-4fe2-b9c3-dfcf08895331|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Accept' (v2)
3ddd74cc-6582-486c-8b0c-2b48cb38e0a3|Info|Best Practices|The header Parameter should not be named as 'Accept'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Accept' (v3)
f2702af5-6016-46cb-bbc8-84c766032095|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Authorization' (v2)
e2e00c97-7171-4fb4-b461-d631df9a711c|Info|Best Practices|The header Parameter should not be named as 'Authorization'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Authorization' (v3)
8c84f75e-5048-4926-a4cb-33e7b3431300|Info|Best Practices|Query details
Documentation
| -|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|Info|Best Practices|
Documentation
| +|Header Parameter Named as 'Content-Type' (v2)
51978067-3b22-4c29-aaf3-96bf0bc28897|Info|Best Practices|The header Parameter should not be named as 'Content-Type'. If so, it will be ignored.
Documentation
| |Header Parameter Named as 'Content-Type' (v3)
72d259ca-9741-48dd-9f62-eb11f2936b37|Info|Best Practices|Query details
Documentation
| -|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|Info|Best Practices|
Documentation
| +|Header Response Name Is Invalid (v2)
86733e01-a435-4bd5-a8b0-5108be9dc1e4|Info|Best Practices|The Header Response should not be named as 'Content-Type', 'Authorization' or 'Accept'. If so, it will be ignored.
Documentation
| |Header Response Name Is Invalid (v3)
d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd|Info|Best Practices|Query details
Documentation
| -|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|Info|Best Practices|
Documentation
| +|Invalid Contact Email (v2)
d83bebc8-4e5e-4241-b783-cba9fb5a1c9a|Info|Best Practices|Contact Object Email should be a valid email
Documentation
| |Invalid Contact Email (v3)
b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7|Info|Best Practices|Query details
Documentation
| -|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|Info|Best Practices|
Documentation
| +|Invalid Contact URL (v2)
c7000383-16d0-4509-8cd3-585e5ea2e2f2|Info|Best Practices|Contact Object URL should be a valid URL
Documentation
| |Invalid Contact URL (v3)
332cf2ad-380d-4b90-b436-46f8e635cf38|Info|Best Practices|Query details
Documentation
| -|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|Info|Best Practices|
Documentation
| +|Invalid Global External Documentation URL (v2)
46d3b74d-9fe9-45bf-9e9e-efb7f701ee28|Info|Best Practices|Global External Documentation URL should be a valid URL
Documentation
| |Invalid Global External Documentation URL (v3)
b2d9dbf6-539c-4374-a1fd-210ddf5563a8|Info|Best Practices|Query details
Documentation
| -|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|Info|Best Practices|
Documentation
| +|Invalid License URL (v2)
de2b4910-8484-46d6-a055-dc1e793ee3ff|Info|Best Practices|License Object URL should be a valid URL
Documentation
| |Invalid License URL (v3)
9239c289-9e4c-4d92-8be1-9d506057c971|Info|Best Practices|Query details
Documentation
| -|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|Info|Best Practices|
Documentation
| +|Invalid Operation External Documentation URL (v2)
25635c31-ee32-4708-88e5-fced87516f51|Info|Best Practices|Operation External Documentation URL should be a valid URL
Documentation
| |Invalid Operation External Documentation URL (v3)
5ea61624-3733-4a3a-8ca4-b96fec9c5aeb|Info|Best Practices|Query details
Documentation
| -|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|Info|Best Practices|
Documentation
| +|Invalid Schema External Documentation URL (v2)
f7fa95b7-d819-484c-9a2b-665dd1bba25e|Info|Best Practices|Schema External Documentation URL should be a valid URL
Documentation
| |Invalid Schema External Documentation URL (v3)
6952a7e0-6e48-4285-bbc1-27c64e60f888|Info|Best Practices|Query details
Documentation
| -|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|Info|Best Practices|
Documentation
| +|Invalid Tag External Documentation URL (v2)
b4a7d925-738b-4219-99d9-87d6ee262a03|Info|Best Practices|Tag External Documentation URL should be a valid URL
Documentation
| |Invalid Tag External Documentation URL (v3)
5aea1d7e-b834-4749-b143-2c7ec3bd5922|Info|Best Practices|Query details
Documentation
| -|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|Info|Best Practices|
Documentation
| +|JSON '$ref' alongside other properties (v2)
f34c1c68-4773-4df0-a103-6e2ca32e585f|Info|Best Practices|Each field on Open API specification which accepts '$ref', infers that field is using a reference object, which has only '$ref' key
Documentation
| |JSON '$ref' alongside other properties (v3)
96beb800-566f-49a9-a0ea-dbdf4bc80429|Info|Best Practices|Query details
Documentation
| |Object Using Enum With Keyword (v2)
7f15962a-d862-451c-ac9b-84ec13747aa6|Info|Best Practices|Schema/Parameter/Header Object properties should not contain 'enum' and schema keywords
Documentation
| |Object Using Enum With Keyword (v3)
2e9b6612-8f69-42e0-a5b8-ed17739c2f3a|Info|Best Practices|Query details
Documentation
| -|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|Info|Best Practices|
Documentation
| +|Operation Without Successful HTTP Status Code (v2)
a1ee6ebe-3877-42ec-b9a6-e524e7d06aa2|Info|Best Practices|Operation Object should have at least one successful HTTP status code defined
Documentation
| |Operation Without Successful HTTP Status Code (v3)
48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd|Info|Best Practices|Query details
Documentation
| -|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|Info|Best Practices|
Documentation
| +|Path Without Operation (v2)
609cd557-66b4-41fa-8edd-2abc6c7cfd08|Info|Best Practices|Path object should have at least one operation object defined
Documentation
| |Path Without Operation (v3)
84c826c9-1893-4b34-8cdd-db97645b4bf3|Info|Best Practices|Query details
Documentation
| -|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|Info|Best Practices|
Documentation
| +|Required Property With Default Value (v2)
f7ab6c83-ef89-40e1-8a99-32e2599fb665|Info|Best Practices|Required properties receive value from requests, which makes unnecessary declare a default value
Documentation
| |Required Property With Default Value (v3)
013bdb4b-9246-4248-b0c3-7fb0fee42a29|Info|Best Practices|Query details
Documentation
| |Default Invalid (v2)
78dfd8f0-a6ee-48ec-af8c-e4d9b3292a07|Info|Structure and Semantics|The field 'default' of Schema/Parameter/Header Object should be consistent with the schema's/parameter's/header's type
Documentation
| |Default Invalid (v3)
a96bbc06-8cde-4295-ad3c-ee343a7f658e|Info|Structure and Semantics|Query details
Documentation
| -|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|Info|Structure and Semantics|
Documentation
| +|Items Undefined (v2)
3e4d34d2-36cf-4449-976d-6c256db8fc49|Info|Structure and Semantics|Schema/Parameter items should be defined when the schema/parameter is set to an array.
Documentation
| |Items Undefined (v3)
a8e859da-4a43-4e7f-94b8-25d6e3bf8e90|Info|Structure and Semantics|Query details
Documentation
| -|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|Info|Structure and Semantics|
Documentation
| +|Non-Array Schema With Items (v2)
9d47956b-29cd-43b1-9e6e-b39a4d484353|Info|Structure and Semantics|Non-Array Schema should not have 'items' defined
Documentation
| |Non-Array Schema With Items (v3)
20cb3159-b219-496b-8dac-54ae3ab2021a|Info|Structure and Semantics|Query details
Documentation
| -|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|Info|Structure and Semantics|
Documentation
| +|OperationId Not Unique (v2)
21245007-91c4-40e5-964e-40c85d1e5aa6|Info|Structure and Semantics|OperationId should be unique when defined
Documentation
| |OperationId Not Unique (v3)
c254adc4-ef25-46e1-8270-b7944adb4198|Info|Structure and Semantics|Query details
Documentation
| -|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|Info|Structure and Semantics|
Documentation
| +|Parameter Objects Headers With Duplicated Name (v2)
bd2cbef5-62c4-40f1-af07-4b7f9ced6616|Info|Structure and Semantics|Parameter Objects should not have duplicate names for 'header' location, since HTTP headers are not case sensitive.
Documentation
| |Parameter Objects Headers With Duplicated Name (v3)
05505192-ba2c-4a81-9b25-dcdbcc973746|Info|Structure and Semantics|Query details
Documentation
| -|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|Info|Structure and Semantics|
Documentation
| +|Parameters Name In Combination Not Unique (v2)
ab871897-ec02-4835-9818-702536ee1dda|Info|Structure and Semantics|Parameters properties 'name' and 'in' should have unique combinations
Documentation
| |Parameters Name In Combination Not Unique (v3)
f5b2e6af-76f5-496d-8482-8f898c5fdb4a|Info|Structure and Semantics|Query details
Documentation
| -|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|Info|Structure and Semantics|
Documentation
| +|Path Is Ambiguous (v2)
b2468463-3ac4-4930-890c-f35b2bf4485d|Info|Structure and Semantics|All path should be unique, if has more than one operation, all operations should be part of same Path Object
Documentation
| |Path Is Ambiguous (v3)
237402e2-c2f0-46c9-9cf5-286160cf7bfc|Info|Structure and Semantics|Query details
Documentation
| -|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|Info|Structure and Semantics|
Documentation
| +|Path Parameter Not Required (v2)
ccd0613f-cb77-4684-a892-183bd2674d12|Info|Structure and Semantics|The property 'required' determines whether the parameter is mandatory. If the parameter location is 'path', this property is required and its value must be true.
Documentation
| |Path Parameter Not Required (v3)
0de50145-e845-47f4-9a15-23bcf2125710|Info|Structure and Semantics|Query details
Documentation
| -|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|Info|Structure and Semantics|
Documentation
| +|Path Parameter With No Corresponding Template Path (v2)
194ef1f8-360e-4c14-8ed2-e83e2bafa142|Info|Structure and Semantics|The path parameter must have a corresponding template path for a given operation
Documentation
| |Path Parameter With No Corresponding Template Path (v3)
69d7aefd-149d-47b8-8d89-1c2181a8067b|Info|Structure and Semantics|Query details
Documentation
| -|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|Info|Structure and Semantics|
Documentation
| +|Path Template is Empty (v2)
c201b7ad-6173-4598-a407-5edb04a1bcd7|Info|Structure and Semantics|All path templates should not be empty
Documentation
| |Path Template is Empty (v3)
ae13a37d-943b-47a7-a970-83c8598bcca3|Info|Structure and Semantics|Query details
Documentation
| -|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|Info|Structure and Semantics|
Documentation
| +|Paths Object is Empty (v2)
3e6c7b1c-8a8d-43ab-98b9-65159f44db4a|Info|Structure and Semantics|Paths object may be empty due to ACL constraints, meaning they are not exposed
Documentation
| |Paths Object is Empty (v3)
815021c8-a50c-46d9-b192-24f71072c400|Info|Structure and Semantics|Query details
Documentation
| -|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|Info|Structure and Semantics|
Documentation
| +|Properties Missing Required Property (v2)
71beb6ab-8b70-4816-a9ac-a0ff1fb22a62|Info|Structure and Semantics|Schema Object should have all required properties defined
Documentation
| |Properties Missing Required Property (v3)
3fb03214-25d4-4bd4-867c-c2d8d708a483|Info|Structure and Semantics|Query details
Documentation
| -|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|Info|Structure and Semantics|
Documentation
| +|Property 'allowEmptyValue' Improperly Defined (v2)
0bc1477d-0922-478b-ae16-674a7634a1a8|Info|Structure and Semantics|Property 'allowEmptyValue' should be only defined for query parameters and formData parameters
Documentation
| |Property 'allowEmptyValue' Improperly Defined (v3)
4bcbcd52-3028-469f-bc14-02c7dbba2df2|Info|Structure and Semantics|Query details
Documentation
| -|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|Info|Structure and Semantics|
Documentation
| +|Property Defining Minimum Greater Than Maximum (v2)
b5102ea9-6527-4bb7-94fc-9b4076150e55|Info|Structure and Semantics|Property defining minimum has greater value than maximum defined
Documentation
| |Property Defining Minimum Greater Than Maximum (v3)
ab2af219-cd08-4233-b5a1-a788aac88b51|Info|Structure and Semantics|Query details
Documentation
| -|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|Info|Structure and Semantics|
Documentation
| +|Responses Object Is Empty (v2)
6172e7ab-d2b7-45f8-a7db-1603931d8ba3|Info|Structure and Semantics|Responses Object should not be empty
Documentation
| |Responses Object Is Empty (v3)
990eaf09-d6f1-4c3c-b174-a517b1de8917|Info|Structure and Semantics|Query details
Documentation
| -|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|Info|Structure and Semantics|
Documentation
| +|Responses With Wrong HTTP Status Code (v2)
069a5378-2091-43f0-aa3b-ee8f20996e99|Info|Structure and Semantics|HTTP Responses status code should be in range of [200-599]
Documentation
| |Responses With Wrong HTTP Status Code (v3)
d86655c0-92f6-4ffc-b4d5-5b5775804c27|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Mismatch Defined Properties (v2)
addc0eab-27f6-4c26-8526-d2ccd3732662|Info|Structure and Semantics|Schema discriminator values should match defined properties.
Documentation
| |Schema Discriminator Mismatch Defined Properties (v3)
40d3df21-c170-4dbe-9c02-4289b51f994f|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Not Required (v2)
be6a3722-af60-438c-b1b9-2a03e2958ab7|Info|Structure and Semantics|The discriminator property in the Schema Object should be a required property
Documentation
| |Schema Discriminator Not Required (v3)
b481d46c-9c61-480f-86d9-af07146dc4a4|Info|Structure and Semantics|Query details
Documentation
| -|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|Info|Structure and Semantics|
Documentation
| +|Schema Discriminator Property Not String (v2)
949376f1-f560-4c6d-a016-63424ca931bb|Info|Structure and Semantics|Schema discriminator property should be a string
Documentation
| |Schema Discriminator Property Not String (v3)
dadc2f36-1f5a-46c0-8289-75e626583123|Info|Structure and Semantics|Query details
Documentation
| -|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|Info|Structure and Semantics|
Documentation
| +|Schema Enum Invalid (v2)
8fe6d18a-ad4c-4397-8884-e3a9da57f4c9|Info|Structure and Semantics|The field 'enum' of Schema Object should be consistent with the schema's type
Documentation
| |Schema Enum Invalid (v3)
03856cb2-e46c-4daf-bfbf-214ec93c882b|Info|Structure and Semantics|Query details
Documentation
| -|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|Info|Structure and Semantics|
Documentation
| +|Schema Has A Required Property Undefined (v2)
811762c8-2e99-4f70-88f9-a63875a953b1|Info|Structure and Semantics|Schema Object should not be have a required property that is not defined on properties
Documentation
| |Schema Has A Required Property Undefined (v3)
2bd608ae-8a1f-457f-b710-c237883cb313|Info|Structure and Semantics|Query details
Documentation
| -|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|Info|Structure and Semantics|
Documentation
| +|Schema Object Properties With Duplicated Keys (v2)
ded017bf-fb13-4f8d-868b-84aebcc572ad|Info|Structure and Semantics|Schema Object Property key should be unique through out the fields 'properties', 'allOf', 'additionalProperties'
Documentation
| |Schema Object Properties With Duplicated Keys (v3)
10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa|Info|Structure and Semantics|Query details
Documentation
| -|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|Info|Structure and Semantics|
Documentation
| +|Schema Object With Circular Ref (v2)
cbff2508-85c9-4448-a8b3-770070edf5ca|Info|Structure and Semantics|Schema Object should not reference it self in 'allOf', 'oneOf', 'anyOf' and 'not' properties
Documentation
| |Schema Object With Circular Ref (v3)
1a1aea94-745b-40a7-b860-0702ea6ee636|Info|Structure and Semantics|Query details
Documentation
| -|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|Info|Structure and Semantics|
Documentation
| +|Template Path With No Corresponding Path Parameter (v2)
e7656d8d-7288-4bbe-b07b-22b389be75ce|Info|Structure and Semantics|The template path must have a corresponding path parameter for a given operation
Documentation
| |Template Path With No Corresponding Path Parameter (v3)
561710b1-b845-4562-95ce-2397a05ccef4|Info|Structure and Semantics|Query details
Documentation
| |Type Has Invalid Keyword (v2)
492c6cbb-f3f8-4807-aa4f-42b8b1c46b59|Info|Structure and Semantics|Schema/Parameter/Header Object define type should not use a keyword of another type
Documentation
| |Type Has Invalid Keyword (v3)
a9228976-10cf-4b5f-b902-9e962aad037a|Info|Structure and Semantics|Query details
Documentation
| diff --git a/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md b/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md index 113e9728336..2c37a5c0931 100644 --- a/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md +++ b/docs/queries/openapi-queries/00b78adf-b83f-419c-8ed8-c6018441dd3a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/pattern_undefined) ### Description diff --git a/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md b/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md index 468070d4f6f..57ec0c01489 100644 --- a/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md +++ b/docs/queries/openapi-queries/013bdb4b-9246-4248-b0c3-7fb0fee42a29.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/required_property_default_value) ### Description diff --git a/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md b/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md index 305d03727d3..d8746a5a597 100644 --- a/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md +++ b/docs/queries/openapi-queries/015eac96-6313-43c0-84e5-81b1374fa637.md @@ -1,5 +1,5 @@ --- -title: Schema JSON Reference Does Not Exists (v3) +title: Schema JSON Reference Does Not Exist (v3) hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 015eac96-6313-43c0-84e5-81b1374fa637 -- **Query name:** Schema JSON Reference Does Not Exists (v3) +- **Query name:** Schema JSON Reference Does Not Exist (v3) - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_schema) ### Description -Schema reference should exists on components field
+Schema reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md b/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md index cf61d69c975..1b253403822 100644 --- a/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md +++ b/docs/queries/openapi-queries/0220e1c5-65d1-49dd-b7c2-cef6d6cb5283.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schema_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md b/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md index 97f130ad243..8f54d0860f3 100644 --- a/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md +++ b/docs/queries/openapi-queries/03856cb2-e46c-4daf-bfbf-214ec93c882b.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_enum_invalid) ### Description diff --git a/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md b/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md index 02a2865a103..16a3039d2c5 100644 --- a/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md +++ b/docs/queries/openapi-queries/05505192-ba2c-4a81-9b25-dcdbcc973746.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/parameter_objects_headers_dup_name) ### Description diff --git a/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md b/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md index 056f62f9d00..40ba46a99e4 100644 --- a/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md +++ b/docs/queries/openapi-queries/06764426-3c56-407e-981f-caa25db1c149.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_schemes_http_unknown_scheme) ### Description diff --git a/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md b/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md index 3eb4be6223b..86cbcf3a5c3 100644 --- a/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md +++ b/docs/queries/openapi-queries/0b76d993-ee52-43e0-8b39-3787d2ddabf1.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_response_definition) ### Description diff --git a/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md b/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md index 93f92284df0..fd5da0bf407 100644 --- a/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md +++ b/docs/queries/openapi-queries/0c79e50e-b3cf-490c-b8f6-587c644d4d0c.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_without_consumes) ### Description -Operation Object should have 'consumes' feild defined for 'POST', 'PUT' and 'PATCH' operations
+Operation Object should have 'consumes' field defined for 'POST', 'PUT' and 'PATCH' operations
[Documentation](https://swagger.io/specification/v2/#operation-object) ### Code samples diff --git a/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md b/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md index 636e3610296..01db73bc91b 100644 --- a/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md +++ b/docs/queries/openapi-queries/0de50145-e845-47f4-9a15-23bcf2125710.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_parameter_not_required) ### Description diff --git a/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md b/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md index 402e6e3223d..4490ef24ef0 100644 --- a/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md +++ b/docs/queries/openapi-queries/0f6cd0ab-c366-4595-84fc-fbd8b9901e4d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/request_body_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md b/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md index 1996ffa58cc..70993db1b1e 100644 --- a/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md +++ b/docs/queries/openapi-queries/105e20dd-8449-4d71-95c6-d5dac96639af.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/success_response_code_undefined_trace_operation) ### Description diff --git a/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md b/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md index eca0abdb8ef..6c0ecee2a8d 100644 --- a/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md +++ b/docs/queries/openapi-queries/10c61e4b-eed5-49cf-9c7d-d4bf02e9edfa.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_properties_with_duplicated_keys) ### Description diff --git a/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md b/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md index c18e611d897..d7e23503156 100644 --- a/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md +++ b/docs/queries/openapi-queries/12a7210b-f4b4-47d0-acac-0a819e2a0ca3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_operations_body_schema_incorrect_defined) ### Description diff --git a/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md b/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md index 1de594036be..66204803792 100644 --- a/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md +++ b/docs/queries/openapi-queries/151331e2-11f4-4bb6-bd35-9a005e695087.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_object_fixed_field_key_improperly_named) ### Description diff --git a/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md b/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md index 51ede7d315f..d3567bdf644 100644 --- a/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md +++ b/docs/queries/openapi-queries/181bd815-767e-4e95-a24d-bb3c87328e19.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_minimum) ### Description diff --git a/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md b/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md index 7b0f45179e4..36a62c4aa6d 100644 --- a/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md +++ b/docs/queries/openapi-queries/1908a8ee-927d-4166-8f18-241152170cc1.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_patch_operation) ### Description diff --git a/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md b/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md index 9c3e58a9de0..9cf9844f04c 100644 --- a/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md +++ b/docs/queries/openapi-queries/1a1aea94-745b-40a7-b860-0702ea6ee636.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_with_circular_ref) ### Description diff --git a/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md b/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md index d58d9724d76..2afadca463c 100644 --- a/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md +++ b/docs/queries/openapi-queries/1bc3205c-0d60-44e6-84f3-44fbf4dac5b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_schemes_using_oauth) ### Description diff --git a/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md b/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md index 11fcb3be139..04a86342f8a 100644 --- a/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md +++ b/docs/queries/openapi-queries/20a482d5-c5d9-4a7a-b7a4-60d0805047b4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_operation_field_undefined) ### Description diff --git a/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md b/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md index 0109fdc6fcb..c566d462021 100644 --- a/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md +++ b/docs/queries/openapi-queries/20cb3159-b219-496b-8dac-54ae3ab2021a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/non_array_schema_with_items) ### Description diff --git a/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md b/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md index 7aba8a7203c..457c8aeeb9c 100644 --- a/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md +++ b/docs/queries/openapi-queries/221015a8-aa2a-43f5-b00b-ad7d2b1d47a8.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_using_basic_auth) ### Description diff --git a/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md b/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md index 9987c052bab..165278a1b04 100644 --- a/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md +++ b/docs/queries/openapi-queries/237402e2-c2f0-46c9-9cf5-286160cf7bfc.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_ambiguous) ### Description diff --git a/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md b/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md index 2ad2f0be3f8..a276e664012 100644 --- a/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md +++ b/docs/queries/openapi-queries/23a9e2d9-8738-4556-a71c-2802b6ffa022.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/undefined_security_scope_global_security) ### Description -Using an scope on global security field that is undefined on 'securityScheme' can be defined by an attacker
+Using a scope on global security field that is undefined on 'securityScheme' can be defined by an attacker
[Documentation](https://swagger.io/specification/#oauth-flow-object) ### Code samples diff --git a/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md b/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md index e59c9ebc7ee..9f90e852f9b 100644 --- a/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md +++ b/docs/queries/openapi-queries/2596545e-1757-4ff7-a15a-8a9a180a42f3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/parameter_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md b/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md index 8bff59bd13c..79d10559456 100644 --- a/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md +++ b/docs/queries/openapi-queries/26f06397-36d8-4ce7-b993-17711261d777.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_content_type_for_multiple_files_upload) ### Description diff --git a/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md b/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md index 5d5488d7b3b..32b7b2ba907 100644 --- a/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md +++ b/docs/queries/openapi-queries/274f910a-0665-4f08-b66d-7058fe927dba.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_oauth2_token_url) ### Description diff --git a/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md b/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md index c7a55c27e7f..2c693b6f0b4 100644 --- a/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md +++ b/docs/queries/openapi-queries/281b8071-6226-4a43-911d-fec246d422c2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/api_key_exposed_in_operation_security) ### Description diff --git a/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md b/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md index 1dca06ad0d7..9d21d73f200 100644 --- a/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md +++ b/docs/queries/openapi-queries/2bd608ae-8a1f-457f-b710-c237883cb313.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_required_property_undefined) ### Description diff --git a/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md b/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md index d48d3270d12..d3e02e480b0 100644 --- a/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md +++ b/docs/queries/openapi-queries/2cf35b40-ded3-43d6-9633-c8dcc8bcc822.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_example_mismatch_produces_mediatype) ### Description diff --git a/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md b/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md index f5b2ea20a98..40ddc7dbfdc 100644 --- a/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md +++ b/docs/queries/openapi-queries/2d6646f4-2946-420f-8c14-3232d49ae0cb.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/header_object_with_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md b/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md index dad24356d80..a49d8f70053 100644 --- a/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md +++ b/docs/queries/openapi-queries/2d8c175a-6d90-412b-8b0e-e034ea49a1fe.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/global_server_uses_http) ### Description diff --git a/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md b/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md index 5952c08d778..6e0b31794de 100644 --- a/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md +++ b/docs/queries/openapi-queries/2da46be4-4317-4650-9285-56d7103c4f93.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/global_security_using_password_flow) ### Description diff --git a/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md b/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md index f5e4c228781..bd3943974e0 100644 --- a/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md +++ b/docs/queries/openapi-queries/2e275f16-b627-4d3f-ae73-a6153a23ae8f.md @@ -1,5 +1,5 @@ --- -title: Parameter JSON Reference Does Not Exists (v3) +title: Parameter JSON Reference Does Not Exist (v3) hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 2e275f16-b627-4d3f-ae73-a6153a23ae8f -- **Query name:** Parameter JSON Reference Does Not Exists (v3) +- **Query name:** Parameter JSON Reference Does Not Exist (v3) - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_parameter) ### Description -Parameter reference should exists on components field
+Parameter reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md b/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md index 96774b51cf4..f241ed7277b 100644 --- a/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md +++ b/docs/queries/openapi-queries/2e44e632-d617-43cb-b294-6bfe72a08938.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_password_flow) ### Description diff --git a/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md b/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md index 4391e3e5fa1..4b783c98559 100644 --- a/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md +++ b/docs/queries/openapi-queries/2e9b6612-8f69-42e0-a5b8-ed17739c2f3a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/object_using_enum_with_keyword) ### Description diff --git a/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md b/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md index 062788205e6..c265c0fca90 100644 --- a/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md +++ b/docs/queries/openapi-queries/2ea04bef-c769-409e-9179-ee3a50b5c0ac.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_maximum) ### Description diff --git a/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md b/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md index e948fd12f33..53fd953d80e 100644 --- a/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md +++ b/docs/queries/openapi-queries/31dd6fc0-f274-493b-9614-e063086c19fc.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_schema_content) ### Description diff --git a/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md b/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md index d45acade7f8..01641261645 100644 --- a/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md +++ b/docs/queries/openapi-queries/332cf2ad-380d-4b90-b436-46f8e635cf38.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_contact_url) ### Description diff --git a/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md b/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md index 202b5de773e..00c8558939a 100644 --- a/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md +++ b/docs/queries/openapi-queries/33d96c65-977d-4c33-943f-440baca49185.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_oauth_authorization_url) ### Description diff --git a/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md b/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md index 9b1308d5aea..7117270da89 100644 --- a/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md +++ b/docs/queries/openapi-queries/37140f7f-724a-4c87-a536-e9cee1d61533.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_requirement_object_with_wrong_scopes) ### Description diff --git a/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md b/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md index 27b3d80065a..7b731c98a2a 100644 --- a/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md +++ b/docs/queries/openapi-queries/376c9390-7e9e-4cb8-a067-fd31c05451fd.md @@ -1,5 +1,5 @@ --- -title: Header JSON Reference Does Not Exists +title: Header JSON Reference Does Not Exist hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 376c9390-7e9e-4cb8-a067-fd31c05451fd -- **Query name:** Header JSON Reference Does Not Exists +- **Query name:** Header JSON Reference Does Not Exist - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_header) ### Description -Header reference should exists on components field
+Header reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md b/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md index 06107656bde..443633e079b 100644 --- a/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md +++ b/docs/queries/openapi-queries/3847280c-9193-40bc-8009-76168e822ce2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/undefined_security_scope_security_operations) ### Description diff --git a/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md b/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md index 53b82f4d66c..27eb4f77267 100644 --- a/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md +++ b/docs/queries/openapi-queries/3979b0a4-532c-4ea7-86e4-34c090eaa4f2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/oauth2_with_password_flow) ### Description diff --git a/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md b/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md index 7080f3ca00b..631f5c0e701 100644 --- a/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md +++ b/docs/queries/openapi-queries/39cb32f2-3a42-4af0-8037-82a7a9654b6c.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/oauth2_with_implicit_flow) ### Description diff --git a/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md b/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md index 3d04804d0d6..c45f1df8e24 100644 --- a/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md +++ b/docs/queries/openapi-queries/3a01790c-ebee-4da6-8fd3-e78657383b75.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schema_with_additional_properties_set_as_boolean) ### Description diff --git a/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md b/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md index 173606b8ad3..679453eea9b 100644 --- a/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md +++ b/docs/queries/openapi-queries/3b066059-f411-4554-ac8d-96f32bff90da.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_head_operation) ### Description diff --git a/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md b/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md index 078b7a5c0a9..4791be9b7ca 100644 --- a/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md +++ b/docs/queries/openapi-queries/3b497874-ae59-46dd-8d72-1868a3b8f150.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_delete_operation) ### Description diff --git a/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md b/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md index 4ca3b020676..2a6e2d5b60f 100644 --- a/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md +++ b/docs/queries/openapi-queries/3b615f00-c443-4ba9-acc4-7c308716917d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unknown_prefix) ### Description diff --git a/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md b/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md index 1eecd56bc15..c26c155ea7f 100644 --- a/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md +++ b/docs/queries/openapi-queries/3ba0cca1-b815-47bf-ac62-1e584eb64a05.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_oauth2_token_url) ### Description diff --git a/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md b/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md index 1f07529b828..55ac1f35440 100644 --- a/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md +++ b/docs/queries/openapi-queries/3d7d7b6c-fb0a-475e-8a28-c125e30d15f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/host_with_invalid_pattern) ### Description diff --git a/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md b/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md index 787e99ac1d7..440cec49903 100644 --- a/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md +++ b/docs/queries/openapi-queries/3fb03214-25d4-4bd4-867c-c2d8d708a483.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/properties_missing_required_property) ### Description diff --git a/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md b/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md index 45b5b1c1bc3..98f9e38acdb 100644 --- a/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md +++ b/docs/queries/openapi-queries/40d3df21-c170-4dbe-9c02-4289b51f994f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_mismatch_defined_properties) ### Description diff --git a/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md b/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md index 5d7938e9dfe..a51290b68e0 100644 --- a/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md +++ b/docs/queries/openapi-queries/40e1d1bf-11a9-4f63-a3a2-a8b84c602839.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/api_key_exposed_in_global_security_scheme) ### Description diff --git a/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md b/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md index 8c60b337a31..1f2bebd536f 100644 --- a/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md +++ b/docs/queries/openapi-queries/4190dda7-af03-4cf0-a128-70ac1661ca09.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_reserved_encoding_object_ignored) ### Description diff --git a/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md b/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md index f6dedf654bf..0abfc6e1a7d 100644 --- a/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md +++ b/docs/queries/openapi-queries/429b2106-ba37-43ba-9727-7f699cc611e1.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unknown_property) ### Description diff --git a/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md b/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md index 48c243920d7..ca958960b7a 100644 --- a/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md +++ b/docs/queries/openapi-queries/462d6a1d-fed9-4d75-bb9e-3de902f35e6e.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/undefined_security_scope_security_operations) ### Description -Using an scope on security of operations that is undefined on 'securityScheme' can be defined by an attacker
+Using a scope on security of operations that is undefined on 'securityScheme' can be defined by an attacker
[Documentation](https://swagger.io/specification/#oauth-flow-object) ### Code samples diff --git a/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md b/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md index 6f2d593adcf..450e778e76d 100644 --- a/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md +++ b/docs/queries/openapi-queries/46facedc-f243-4108-ab33-583b807d50b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_undefined_type) ### Description diff --git a/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md b/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md index 761194ba666..5a8a2f592df 100644 --- a/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md +++ b/docs/queries/openapi-queries/48e9e1fe-cf79-45b5-93e6-8b55ae5dadfd.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/operation_without_successful_http_status_code) ### Description diff --git a/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md b/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md index 26aa59d7097..d6d81522656 100644 --- a/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md +++ b/docs/queries/openapi-queries/4bcbcd52-3028-469f-bc14-02c7dbba2df2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/property_allow_empty_value_improperly_defined) ### Description diff --git a/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md b/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md index 4607d854413..7edca8a46f8 100644 --- a/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md +++ b/docs/queries/openapi-queries/4cac7ace-b0fb-477d-830d-65395d9109d9.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/schema_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md b/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md index 1385e460274..61e251ffcd2 100644 --- a/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md +++ b/docs/queries/openapi-queries/4cd8de87-b595-48b6-ab3c-1904567135ab.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/encoding_header_content_type_improperly_defined) ### Description diff --git a/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md b/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md index b3b5737e8fd..44636ae1c18 100644 --- a/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md +++ b/docs/queries/openapi-queries/500ce696-d501-41dd-86eb-eceb011a386f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_object_empty) ### Description diff --git a/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md b/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md index 8f97ad262db..1dd7b7f33df 100644 --- a/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md +++ b/docs/queries/openapi-queries/50de3b5b-6465-4e06-a9b0-b4c2ba34326b.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/header_object_without_schema) ### Description diff --git a/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md b/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md index b922748bd66..fba1bf33747 100644 --- a/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md +++ b/docs/queries/openapi-queries/52c0d841-60d6-4a81-88dd-c35fef36d315.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_oauth_authorization_url) ### Description diff --git a/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md b/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md index 4b79a80e058..21dcbd93be7 100644 --- a/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md +++ b/docs/queries/openapi-queries/543e38f4-1eee-479e-8eb0-15257013aa0a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_empty_object_definition) ### Description diff --git a/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md b/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md index 6095935278a..e62eb0d29e3 100644 --- a/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md +++ b/docs/queries/openapi-queries/561710b1-b845-4562-95ce-2397a05ccef4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/template_path_parameter_with_no_corresponding_path_parameter) ### Description diff --git a/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md b/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md index 110f88f510f..2456b05a61c 100644 --- a/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md +++ b/docs/queries/openapi-queries/58f06434-a88c-4f74-826c-db7e10cc7def.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/request_body_object_with_incorrect_media_type) ### Description diff --git a/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md b/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md index beb42d163e7..4f5fff6d90f 100644 --- a/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md +++ b/docs/queries/openapi-queries/5915c20f-dffa-4cee-b5d4-f457ddc0151a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/empty_array) ### Description diff --git a/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md b/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md index a3cc6807913..dcff03e9abf 100644 --- a/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md +++ b/docs/queries/openapi-queries/59c2f769-7cc2-49c8-a3de-4e211135cfab.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_empty_value_ignored) ### Description diff --git a/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md b/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md index cf2dfb3529e..0f394ac4101 100644 --- a/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md +++ b/docs/queries/openapi-queries/5aea1d7e-b834-4749-b143-2c7ec3bd5922.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_tag_external_documentation_url) ### Description diff --git a/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md b/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md index 7ed8c5f318e..30faf85c6b7 100644 --- a/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md +++ b/docs/queries/openapi-queries/5e5ecb9d-04b5-4e4f-b5a5-6ee04279b275.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/object_without_required_property) ### Description diff --git a/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md b/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md index 9badd94233c..b56aebfc64e 100644 --- a/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md +++ b/docs/queries/openapi-queries/5ea61624-3733-4a3a-8ca4-b96fec9c5aeb.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_operation_external_documentation_url) ### Description diff --git a/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md b/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md index e5c1e58a491..aa38d01ad49 100644 --- a/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md +++ b/docs/queries/openapi-queries/60b5f56b-66ff-4e1c-9b62-5753e16825bc.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_put_operation) ### Description diff --git a/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md b/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md index a7d9fb7d084..aa09ec90797 100644 --- a/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md +++ b/docs/queries/openapi-queries/60fb6621-9f02-473b-9424-ba9a825747d3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_with_both_operation_id_and_operation_ref) ### Description diff --git a/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md b/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md index 5d192ad8039..0f2196b2465 100644 --- a/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md +++ b/docs/queries/openapi-queries/663c442d-f918-4f62-b096-0bf5dcbeb655.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_operations_empty_array) ### Description diff --git a/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md b/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md index 546e8ecd199..5a525ef4ec8 100644 --- a/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md +++ b/docs/queries/openapi-queries/68e5fcac-390c-4939-a373-6074b7be7c71.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_basic) ### Description diff --git a/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md b/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md index 8744bc989af..b94ac8729b1 100644 --- a/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md +++ b/docs/queries/openapi-queries/6952a7e0-6e48-4285-bbc1-27c64e60f888.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_schema_external_documentation_url) ### Description diff --git a/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md b/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md index 9d88dfc3f01..714b3fa73e2 100644 --- a/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md +++ b/docs/queries/openapi-queries/698a464e-bb3e-4ba8-ab5e-e6599b7644a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_parameter_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md b/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md index e7052aa4da7..4d362ed5e10 100644 --- a/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md +++ b/docs/queries/openapi-queries/6998389e-66b2-473d-8d05-c8d71ac4d04d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/array_without_maximum_number_items) ### Description diff --git a/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md b/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md index 4a05f6d9633..d6a44123c07 100644 --- a/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md +++ b/docs/queries/openapi-queries/69d7aefd-149d-47b8-8d89-1c2181a8067b.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_parameter_with_no_corresponding_template_path) ### Description diff --git a/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md b/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md index 70444c4b901..98e993303ca 100644 --- a/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md +++ b/docs/queries/openapi-queries/6a2c219f-da5e-4745-941e-5ea8cde23356.md @@ -1,5 +1,5 @@ --- -title: Example JSON Reference Does Not Exists +title: Example JSON Reference Does Not Exist hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 6a2c219f-da5e-4745-941e-5ea8cde23356 -- **Query name:** Example JSON Reference Does Not Exists +- **Query name:** Example JSON Reference Does Not Exist - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_example) ### Description -Example reference should exists on components field
+Example reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md b/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md index bd4b76c9a41..dc2b80318e5 100644 --- a/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md +++ b/docs/queries/openapi-queries/6b76f589-9713-44ab-97f5-59a3dba1a285.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_request_body_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md b/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md index 20a9ac50f9a..aa245d5ad72 100644 --- a/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md +++ b/docs/queries/openapi-queries/6c35d2c6-09f2-4e5c-a094-e0e91327071d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_code_missing) ### Description diff --git a/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md b/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md index d10e45776e2..f843030e085 100644 --- a/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md +++ b/docs/queries/openapi-queries/6d2e0790-cc3d-4c74-b973-d4e8b09f4455.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_schema_definition) ### Description diff --git a/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md b/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md index 55ded4bfa03..60273a0e853 100644 --- a/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md +++ b/docs/queries/openapi-queries/72d259ca-9741-48dd-9f62-eb11f2936b37.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_content_type) ### Description diff --git a/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md b/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md index b77917f8ccf..e80038b4399 100644 --- a/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md +++ b/docs/queries/openapi-queries/73c3bc54-3cc6-4c0a-b30a-e19f2abfc951.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/non_body_parameter_with_schema) ### Description diff --git a/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md b/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md index 59cf2737cbd..4c3ddd4a8dd 100644 --- a/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md +++ b/docs/queries/openapi-queries/750b40be-4bac-4f59-bdc4-1ca0e6c3450e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/property_not_unique) ### Description diff --git a/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md b/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md index 2779bb705a4..20fd4a48597 100644 --- a/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md +++ b/docs/queries/openapi-queries/750f6448-27c0-49f8-a153-b81735c1e19c.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/multi_collectionformat_not_valid_in_parameter) ### Description diff --git a/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md b/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md index 62ce809470e..347b27f81c1 100644 --- a/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md +++ b/docs/queries/openapi-queries/77276d82-4f45-4cf1-8e2b-4d345b936228.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/global_security_scheme_using_basic_authentication) ### Description diff --git a/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md b/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md index e4936fdb09b..df11763b92f 100644 --- a/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md +++ b/docs/queries/openapi-queries/773116aa-2e6d-416f-bd85-f0301cc05d76.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_allows_password_flow) ### Description diff --git a/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md b/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md index 541e0aaa15c..aa57407a7e8 100644 --- a/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md +++ b/docs/queries/openapi-queries/7a01dfbd-da62-4165-aed7-71349ad42ab4.md @@ -1,5 +1,5 @@ --- -title: Response JSON Reference Does Not Exists (v3) +title: Response JSON Reference Does Not Exist (v3) hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 7a01dfbd-da62-4165-aed7-71349ad42ab4 -- **Query name:** Response JSON Reference Does Not Exists (v3) +- **Query name:** Response JSON Reference Does Not Exist (v3) - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_response) ### Description -Response reference should exists on components field
+Response reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md b/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md index d0a864375b0..6092c55438d 100644 --- a/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md +++ b/docs/queries/openapi-queries/7f203940-39c4-4ea7-91ee-7aba16bca9e2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_allow_reserved_improperly_defined) ### Description diff --git a/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md b/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md index d8dd3648978..03d1966e882 100644 --- a/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md +++ b/docs/queries/openapi-queries/7f91992f-b4c8-43bf-9bf9-fae9ecdb6e3a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/file_parameter_with_wrong_consumes_property) ### Description diff --git a/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md b/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md index 97a8bfac168..ccef23bdc35 100644 --- a/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md +++ b/docs/queries/openapi-queries/801f0c6a-a834-4467-89c6-ddecffb46b5a.md @@ -1,5 +1,5 @@ --- -title: Link JSON Reference Does Not Exists +title: Link JSON Reference Does Not Exist hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 801f0c6a-a834-4467-89c6-ddecffb46b5a -- **Query name:** Link JSON Reference Does Not Exists +- **Query name:** Link JSON Reference Does Not Exist - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_link) ### Description -Link reference should exists on components field
+Link reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md b/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md index 2dd761fda4c..172d8a86168 100644 --- a/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md +++ b/docs/queries/openapi-queries/815021c8-a50c-46d9-b192-24f71072c400.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/paths_object_empty) ### Description diff --git a/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md b/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md index 72aa0c8cd23..97c093d7f32 100644 --- a/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md +++ b/docs/queries/openapi-queries/84c826c9-1893-4b34-8cdd-db97645b4bf3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_without_operation) ### Description diff --git a/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md b/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md index b518c2cfffa..3b3e674b94a 100644 --- a/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md +++ b/docs/queries/openapi-queries/86b1fa30-9790-4980-994d-a27e0f6f27c1.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/cleartext_credentials_with_basic_auth_for_operation) ### Description diff --git a/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md b/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md index 046d1cf1f41..595cf948cef 100644 --- a/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md +++ b/docs/queries/openapi-queries/86e3702f-c868-44b2-b61d-ea5316c18110.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/default_response_undefined_operations) ### Description diff --git a/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md b/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md index 70f0fa99d8c..9739da15be9 100644 --- a/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md +++ b/docs/queries/openapi-queries/881a6e71-c2a7-4fe2-b9c3-dfcf08895331.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/example_not_compliant_with_schema_type) ### Description diff --git a/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md b/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md index 80a2b163d0b..44f578767f8 100644 --- a/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md +++ b/docs/queries/openapi-queries/8aee4754-970d-4c5f-8142-a49dfe388b1a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_object_variable_not_used) ### Description diff --git a/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md b/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md index 3f84404147d..a45569a55b2 100644 --- a/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md +++ b/docs/queries/openapi-queries/8af270ce-298b-4405-9922-82a10aee7a4f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/global_security_field_undefined) ### Description diff --git a/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md b/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md index a0b6f806794..cb20fa1b5f5 100644 --- a/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md +++ b/docs/queries/openapi-queries/8bfed1c6-2d59-4924-bc7f-9b9d793ed0df.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_content_with_multiple_entries) ### Description diff --git a/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md b/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md index 055f406d112..83740899c6c 100644 --- a/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md +++ b/docs/queries/openapi-queries/8c81d6c0-716b-49ec-afa5-2d62da4e3f3c.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/string_schema_with_broad_pattern) ### Description diff --git a/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md b/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md index 4dab416fbb0..d7695701fe7 100644 --- a/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md +++ b/docs/queries/openapi-queries/8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/maximum_length_undefined) ### Description diff --git a/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md b/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md index 6665bc0fb11..f1bd94f8095 100644 --- a/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md +++ b/docs/queries/openapi-queries/8c84f75e-5048-4926-a4cb-33e7b3431300.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_authorization) ### Description diff --git a/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md b/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md index 30aebae6bca..1fb4a0898a1 100644 --- a/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md +++ b/docs/queries/openapi-queries/8d0921d6-4131-461f-a253-99e873f8f77e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_url_uses_undefined_variables) ### Description diff --git a/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md b/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md index 7a154d719f2..7a1dcf63d7e 100644 --- a/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md +++ b/docs/queries/openapi-queries/8db5544e-4874-4baa-9322-e9f75a2d219e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_undefined) ### Description diff --git a/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md b/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md index fef0e9a6e68..e170b5af224 100644 --- a/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md +++ b/docs/queries/openapi-queries/8fe1846f-52cc-4413-ace9-1933d7d23672.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_without_schema) ### Description diff --git a/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md b/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md index 922461fab02..896cf8234de 100644 --- a/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md +++ b/docs/queries/openapi-queries/9239c289-9e4c-4d92-8be1-9d506057c971.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_license_url) ### Description diff --git a/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md b/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md index 205477e21cd..94a9ca88a26 100644 --- a/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md +++ b/docs/queries/openapi-queries/962fa01e-b791-4dcc-b04a-4a3e7389be5e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_schema_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md b/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md index 3ccd3ab559c..9b0ec0444c0 100644 --- a/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md +++ b/docs/queries/openapi-queries/9670f240-7b4d-4955-bd93-edaa9fa38b58.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/path_server_uses_http) ### Description diff --git a/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md b/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md index f1db32661f7..9b4dbd368c1 100644 --- a/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md +++ b/docs/queries/openapi-queries/96729c6b-7400-4d9e-9807-17f00cdde4d2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/no_global_and_operation_security_defined) ### Description diff --git a/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md b/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md index a43c709093e..bc26fcd6708 100644 --- a/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md +++ b/docs/queries/openapi-queries/96beb800-566f-49a9-a0ea-dbdf4bc80429.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_ref_alongside_properties) ### Description diff --git a/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md b/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md index 0373cb6b3d0..77eba323387 100644 --- a/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md +++ b/docs/queries/openapi-queries/98295b32-ec09-4b5b-89a9-39853197f914.md @@ -1,5 +1,5 @@ --- -title: Schema JSON Reference Does Not Exists (v2) +title: Schema JSON Reference Does Not Exist (v2) hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 98295b32-ec09-4b5b-89a9-39853197f914 -- **Query name:** Schema JSON Reference Does Not Exists (v2) +- **Query name:** Schema JSON Reference Does Not Exist (v2) - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_schema) ### Description -Schema reference should exists on definitions field
+Schema reference should exist on definitions field
[Documentation](https://swagger.io/specification/v2/#definitionsObject) ### Code samples diff --git a/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md b/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md index 7e68803ecfa..f0ae8abcf82 100644 --- a/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md +++ b/docs/queries/openapi-queries/990eaf09-d6f1-4c3c-b174-a517b1de8917.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/responses_object_is_empty) ### Description diff --git a/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md b/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md index 3a2d15bb206..e9d5d01aa82 100644 --- a/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md +++ b/docs/queries/openapi-queries/9aa6e95c-d964-4239-a3a8-9f37a3c5a31f.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/undefined_security_scope_global_security) ### Description -Using an scope on global security field that is undefined on 'securityDefinitions' can be defined by an attacker
+Using a scope on global security field that is undefined on 'securityDefinitions' can be defined by an attacker
[Documentation](https://swagger.io/specification/v2/#security-scheme-object) ### Code samples diff --git a/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md b/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md index 8102536efa8..46da5bb398d 100644 --- a/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md +++ b/docs/queries/openapi-queries/9c3ea128-7e9a-4b4c-8a32-75ad17a2d3ae.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_response_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md b/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md index 75312bfb7f4..4f7e3697e2a 100644 --- a/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md +++ b/docs/queries/openapi-queries/9d967a2b-9d64-41a6-abea-dfc4960299bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_object_schema_without_properties) ### Description diff --git a/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md b/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md index 4eb49313510..3d3e6e5ad05 100644 --- a/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md +++ b/docs/queries/openapi-queries/9f88c88d-824d-4d9a-b985-e22977046042.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/additional_properties_too_permissive) ### Description diff --git a/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md b/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md index 3949045bfba..1c55a0ffe98 100644 --- a/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md +++ b/docs/queries/openapi-queries/a0bf7382-5d5a-4224-924c-3db8466026c9.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/server_url_not_absolute) ### Description diff --git a/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md b/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md index 7a3388d9f19..56bdab5a8db 100644 --- a/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md +++ b/docs/queries/openapi-queries/a19c3bbd-c056-40d7-9e1c-eeb0634e320d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/additional_properties_too_restrective) ### Description diff --git a/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md b/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md index fde92a0810d..c3d7535d375 100644 --- a/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md +++ b/docs/queries/openapi-queries/a4247b11-890b-45df-bf42-350a7a3af9be.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_digest) ### Description diff --git a/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md b/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md index 65277565ba9..9cd6513ff42 100644 --- a/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md +++ b/docs/queries/openapi-queries/a46928f1-43d7-4671-94e0-2dd99746f389.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/schemes_uses_http copy) ### Description diff --git a/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md b/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md index 5e1a30a96ce..405fa8c96a2 100644 --- a/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md +++ b/docs/queries/openapi-queries/a4dd69b8-49fa-45d2-a060-c76655405b05.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_explode_encoding_object_ignored) ### Description diff --git a/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md b/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md index b25bbc44d05..959df50fedd 100644 --- a/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md +++ b/docs/queries/openapi-queries/a5375be3-521c-43bb-9eab-e2432e368ee4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/unknown_prefix) ### Description diff --git a/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md b/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md index 6aa385b0557..42c84a219ca 100644 --- a/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md +++ b/docs/queries/openapi-queries/a599b0d1-ff89-4cb8-9ece-9951854c06f6.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_requirement_not_defined_in_security_definition) ### Description diff --git a/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md b/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md index bae972cd43a..a25072b52ab 100644 --- a/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md +++ b/docs/queries/openapi-queries/a6847dc6-f4ea-45ac-a81f-93291ae6c573.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/path_scheme_accepts_http) ### Description diff --git a/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md b/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md index 8afd1b6cb93..a7a18b561ce 100644 --- a/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md +++ b/docs/queries/openapi-queries/a68da022-e95a-4bc2-97d3-481e0bd6d446.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_header_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md b/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md index 58020dd150a..e2525cb6322 100644 --- a/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md +++ b/docs/queries/openapi-queries/a8e859da-4a43-4e7f-94b8-25d6e3bf8e90.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/items_undefined) ### Description diff --git a/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md b/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md index e2ede45d7e1..cb25c44be6b 100644 --- a/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md +++ b/docs/queries/openapi-queries/a9228976-10cf-4b5f-b902-9e962aad037a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/type_has_invalid_keyword) ### Description diff --git a/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md b/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md index f4f8a1c099b..e4222db5b39 100644 --- a/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md +++ b/docs/queries/openapi-queries/a92be1d5-d762-484a-86d6-8cd0907ba100.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/response_operations_body_schema_undefined) ### Description diff --git a/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md b/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md index 2784c0a1e71..f584d485f57 100644 --- a/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md +++ b/docs/queries/openapi-queries/a96bbc06-8cde-4295-ad3c-ee343a7f658e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/default_invalid) ### Description diff --git a/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md b/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md index b0440342095..0294a407895 100644 --- a/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md +++ b/docs/queries/openapi-queries/ab1263c2-81df-46f0-9f2c-0b62fdb68419.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_field_undefined) ### Description diff --git a/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md b/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md index 4a019c5adb3..be4cf34b84c 100644 --- a/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md +++ b/docs/queries/openapi-queries/ab2af219-cd08-4233-b5a1-a788aac88b51.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/property_defining_maximum_not_greater_than_minimum) ### Description diff --git a/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md b/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md index 19ee66c00c9..53c36088eea 100644 --- a/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md +++ b/docs/queries/openapi-queries/ae13a37d-943b-47a7-a970-83c8598bcca3.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/path_template_empty) ### Description diff --git a/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md b/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md index 87b50cecf61..290b7cb9942 100644 --- a/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md +++ b/docs/queries/openapi-queries/aecee30b-8ea1-4776-a99c-d6d600f0862f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/api_key_exposed_in_global_security) ### Description diff --git a/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md b/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md index 1674db1b052..f5db05c1c39 100644 --- a/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md +++ b/docs/queries/openapi-queries/b05bb927-2df5-43cc-8d7b-6825c0e71625.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_example_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md b/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md index cc4a00c1a4e..0524be904e1 100644 --- a/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md +++ b/docs/queries/openapi-queries/b1a7fcb0-2afe-4d5c-a6a1-4e6311fc29e7.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_contact_email) ### Description diff --git a/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md b/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md index b187aa3a6ec..c80889072b6 100644 --- a/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md +++ b/docs/queries/openapi-queries/b2d9dbf6-539c-4374-a1fd-210ddf5563a8.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_global_external_documentation_url) ### Description diff --git a/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md b/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md index 68ed1fdf03e..285151bf47a 100644 --- a/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md +++ b/docs/queries/openapi-queries/b2f275be-7d64-4064-b418-be6b431363a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_get_operation) ### Description diff --git a/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md b/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md index a3e3f65596f..03abaab269a 100644 --- a/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md +++ b/docs/queries/openapi-queries/b30981fa-a12e-49c7-a5bb-eeafb61d0f0f.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/unused_parameter_definition) ### Description -All global parameters definitions should be in use
+All global parameters definitions should be in use
[Documentation](https://swagger.io/specification/v2/#parametersDefinitionsObject) ### Code samples diff --git a/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md b/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md index ebccd6f07bc..fb36695a8b5 100644 --- a/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md +++ b/docs/queries/openapi-queries/b3871dd8-9333-4d6c-bd52-67eb898b71ab.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/response_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md b/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md index 71d38f482e4..7b5d0882aad 100644 --- a/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md +++ b/docs/queries/openapi-queries/b4803607-ed72-4d60-99e2-3fa6edf471c6.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/basepath_with_wrong_format) ### Description diff --git a/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md b/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md index d25d103e00d..e1c17d4b5ca 100644 --- a/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md +++ b/docs/queries/openapi-queries/b481d46c-9c61-480f-86d9-af07146dc4a4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_not_required) ### Description diff --git a/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md b/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md index 3a93f332a5d..8db744ed35d 100644 --- a/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md +++ b/docs/queries/openapi-queries/b90033cf-ad9f-4fb9-acd1-1b9d6d278c87.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/multi_body_parameters_same_operation) ### Description diff --git a/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md b/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md index 8dcc04addad..0aaf42ea983 100644 --- a/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md +++ b/docs/queries/openapi-queries/b9db8a10-020c-49ca-88c6-780e5fdb4328.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md b/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md index ddfcc9003f8..395a1c6c450 100644 --- a/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md +++ b/docs/queries/openapi-queries/ba066cda-e808-450d-92b6-f29109754d45.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/callback_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md b/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md index 1c89ead15f2..908ca1ec6ee 100644 --- a/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md +++ b/docs/queries/openapi-queries/ba239cb9-f342-4c20-812d-7b5a2aa6969e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/non_oauth2_security_requirement_defining_oauth2_scopes) ### Description diff --git a/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md b/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md index a2708e5751b..2a6e773c84b 100644 --- a/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md +++ b/docs/queries/openapi-queries/baade968-7467-41e4-bf22-83ca222f5800.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_operations_empty_object_definition) ### Description diff --git a/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md b/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md index febeee31a27..58f65a90bac 100644 --- a/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md +++ b/docs/queries/openapi-queries/bac56e3c-1f71-4a74-8ae6-2fba07efcddb.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/example_json_reference_outside_components_examples) ### Description diff --git a/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md b/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md index ec7928831ee..f4c57382860 100644 --- a/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md +++ b/docs/queries/openapi-queries/bccfa089-89e4-47e0-a0e5-185fe6902220.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/response_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md b/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md index cec25df124f..7600b9e4c3a 100644 --- a/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md +++ b/docs/queries/openapi-queries/be0e0df7-f3d9-42a1-9b6f-d425f94872c4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/array_items_has_no_type) ### Description diff --git a/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md b/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md index 13ee254f5d4..5ab620f36c0 100644 --- a/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md +++ b/docs/queries/openapi-queries/be1d8733-3731-40c7-a845-734741c6871d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/constraining_enum_property) ### Description diff --git a/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md b/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md index cc7da5ba677..11c10484d8c 100644 --- a/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md +++ b/docs/queries/openapi-queries/be3e170e-1572-461e-a8b6-d963def581ec.md @@ -20,11 +20,11 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_without_produces) ### Description -Operation Object should have 'produces' feild defined for 'GET'operation
+Operation Object should have 'produces' field defined for 'GET'operation
[Documentation](https://swagger.io/specification/v2/#operation-object) ### Code samples diff --git a/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md b/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md index f0ee3bef311..d747e059ada 100644 --- a/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md +++ b/docs/queries/openapi-queries/c19779a9-5774-4d2f-a3a1-a99831730375.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_link_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md b/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md index 7971d09ef63..ea2625fd010 100644 --- a/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md +++ b/docs/queries/openapi-queries/c254adc4-ef25-46e1-8270-b7944adb4198.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/operation_id_not_unique) ### Description diff --git a/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md b/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md index f58c83fca8b..b5d8b4d8fa5 100644 --- a/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md +++ b/docs/queries/openapi-queries/c38d630d-a415-4e3e-bac2-65475979ba88.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/body_parameter_with_wrong_property) ### Description diff --git a/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md b/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md index a9d200b659c..18b4d83561b 100644 --- a/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md +++ b/docs/queries/openapi-queries/c3cab8c4-6c52-47a9-942b-c27f26fbd7d2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/parameter_file_type_not_in_formdata) ### Description diff --git a/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md b/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md index 0d27ac4c99c..2868d9558af 100644 --- a/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md +++ b/docs/queries/openapi-queries/c5bb7461-aa57-470b-a714-3bc3d74f4669.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/link_object_operation_id_does_not_target_an_operation_object) ### Description diff --git a/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md b/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md index 71f44f5b5e2..04bdb1b008a 100644 --- a/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md +++ b/docs/queries/openapi-queries/c66ebeaa-676c-40dc-a3ff-3e49395dcd5e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/servers_undefined) ### Description diff --git a/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md b/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md index b7e7dfdbc6e..5a6307a2c96 100644 --- a/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md +++ b/docs/queries/openapi-queries/ca02f4e8-d3ae-4832-b7db-bb037516d9e7.md @@ -1,5 +1,5 @@ --- -title: Request Body JSON Reference Does Not Exists +title: Request Body JSON Reference Does Not Exist hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** ca02f4e8-d3ae-4832-b7db-bb037516d9e7 -- **Query name:** Request Body JSON Reference Does Not Exists +- **Query name:** Request Body JSON Reference Does Not Exist - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_request_body) ### Description -Request Body reference should exists on components field
+Request Body reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md b/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md index ddbeda0811e..5c2fdd828d3 100644 --- a/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md +++ b/docs/queries/openapi-queries/cd7a52cf-8d7f-4cfe-bbeb-6306d23f576b.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/encoding_map_key_mismatch_schema_defined_properties) ### Description diff --git a/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md b/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md index fed9537dd3e..9edfe790586 100644 --- a/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md +++ b/docs/queries/openapi-queries/ceefb058-8065-418f-9c4c-584a78c7e104.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_basic_auth) ### Description diff --git a/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md b/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md index 81d6295a7c3..0165dc8e09b 100644 --- a/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md +++ b/docs/queries/openapi-queries/cf4a5f45-a27b-49df-843a-9911dbfe71d4.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/invalid_media_type_value) ### Description diff --git a/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md b/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md index 2a0e31db58b..a186bc08b2e 100644 --- a/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md +++ b/docs/queries/openapi-queries/d15db953-a553-4b8a-9a14-a3d62ea3d79d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/components_callback_definition_unused) ### Description diff --git a/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md b/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md index b4bb8453455..9ecfcce043f 100644 --- a/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md +++ b/docs/queries/openapi-queries/d172a060-8569-4412-8045-3560ebd477e8.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/object_without_required_property) ### Description diff --git a/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md b/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md index 247c46a30ea..66b62335f7a 100644 --- a/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md +++ b/docs/queries/openapi-queries/d2361d58-361c-49f0-9e50-b957fd608b29.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/schema_with_both_read_only_and_write_only) ### Description diff --git a/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md b/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md index c8ac10991e3..082880f6444 100644 --- a/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md +++ b/docs/queries/openapi-queries/d3ea644a-9a5c-4fee-941f-f8a6786c0470.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/property_type_encoding_object_ignored) ### Description diff --git a/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md b/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md index f73bfc85fdf..7f994abbc7f 100644 --- a/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md +++ b/docs/queries/openapi-queries/d40f27e6-15fb-4b56-90f8-fc0ff0291c51.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/parameter_object_incorrect_ref) ### Description diff --git a/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md b/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md index b33ab27b07f..8308f31dc72 100644 --- a/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md +++ b/docs/queries/openapi-queries/d47940ca-5970-45cc-bdd1-4d81398cee1f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_summary_too_long) ### Description diff --git a/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md b/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md index be6bef75432..3cc768e75c8 100644 --- a/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md +++ b/docs/queries/openapi-queries/d4e43db5-54d8-4dda-b3c2-0dc6f31a46bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_response_name_is_invalid) ### Description diff --git a/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md b/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md index c261777f8dd..132022eb145 100644 --- a/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md +++ b/docs/queries/openapi-queries/d674aea4-ba8b-454b-bb97-88a772ea33f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/security_empty_array) ### Description diff --git a/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md b/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md index 89462e259a9..da7464d3b64 100644 --- a/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md +++ b/docs/queries/openapi-queries/d86655c0-92f6-4ffc-b4d5-5b5775804c27.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/responses_wrong_http_status_code) ### Description diff --git a/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md b/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md index b33cd758386..ab556afa87b 100644 --- a/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md +++ b/docs/queries/openapi-queries/d929c031-078f-4241-b802-e224656ad890.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/invalid_format) ### Description diff --git a/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md b/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md index c0a7b1fe169..875bf23da0c 100644 --- a/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md +++ b/docs/queries/openapi-queries/dadc2f36-1f5a-46c0-8289-75e626583123.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/schema_discriminator_property_not_string) ### Description diff --git a/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md b/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md index 908ee5b7d49..d109058f4f9 100644 --- a/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md +++ b/docs/queries/openapi-queries/e2ffa504-d22a-4c94-b6c5-f661849d2db7.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/json_object_schema_without_type) ### Description diff --git a/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md b/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md index 3122a805a5d..5e711d6a3eb 100644 --- a/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md +++ b/docs/queries/openapi-queries/e3f026e8-fdb4-4d5a-bcfd-bd94452073fe.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/security_definitions_undefined_or_empty) ### Description diff --git a/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md b/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md index 8481821c7d7..34e1818ec50 100644 --- a/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md +++ b/docs/queries/openapi-queries/e9817ad8-a8c9-4038-8a2f-db0e6e7b284b.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/implicit_flow_oauth2) ### Description diff --git a/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md b/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md index 5074648a5ba..548dfa932e1 100644 --- a/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md +++ b/docs/queries/openapi-queries/e9db5fb4-6a84-4abb-b4af-3b94fbdace6d.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_response) ### Description diff --git a/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md b/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md index 0f798805c90..d6d590c6278 100644 --- a/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md +++ b/docs/queries/openapi-queries/eb3f9744-d24e-4614-b1ff-2a9514eca21c.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_object_parameters_with_body_and_formatdata) ### Description diff --git a/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md b/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md index 6669ed9133e..e2c4cfcdec0 100644 --- a/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md +++ b/docs/queries/openapi-queries/ed48229d-d43e-4da7-b453-5f98d964a57a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/body_parameter_without_schema) ### Description diff --git a/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md b/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md index 00c3ad78d1e..d9e57ef716a 100644 --- a/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md +++ b/docs/queries/openapi-queries/f2702af5-6016-46cb-bbc8-84c766032095.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/header_parameter_named_as_accept) ### Description diff --git a/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md b/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md index 570e55831d6..f83ad853051 100644 --- a/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md +++ b/docs/queries/openapi-queries/f29904c8-6041-4bca-b043-dfa0546b8079.md @@ -1,5 +1,5 @@ --- -title: Callback JSON Reference Does Not Exists +title: Callback JSON Reference Does Not Exist hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** f29904c8-6041-4bca-b043-dfa0546b8079 -- **Query name:** Callback JSON Reference Does Not Exists +- **Query name:** Callback JSON Reference Does Not Exist - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/json_reference_does_not_exists_callback) ### Description -Callback reference should exists on components field
+Callback reference should exist on components field
[Documentation](https://swagger.io/specification/#components-object) ### Code samples diff --git a/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md b/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md index d7501e1e983..22087416bbc 100644 --- a/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md +++ b/docs/queries/openapi-queries/f30ee711-0082-4480-85ab-31d922d9a2b2.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/global_schemes_uses_http) ### Description diff --git a/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md b/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md index 19b4b3d40ad..9ca9f33bf34 100644 --- a/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md +++ b/docs/queries/openapi-queries/f368dd2d-9344-4146-a05b-7c6faa1269ad.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/success_response_code_undefined_post_operation) ### Description diff --git a/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md b/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md index 73d7bd63def..b23af00461a 100644 --- a/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md +++ b/docs/queries/openapi-queries/f42dfe7e-787d-4478-a75e-a5f3d8a2269e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/operation_using_implicit_flow) ### Description diff --git a/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md b/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md index fe301883eb9..2fddcab3bc2 100644 --- a/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md +++ b/docs/queries/openapi-queries/f525cc92-9050-4c41-a75c-890dc6f64449.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/security_scheme_using_http_negotiate) ### Description diff --git a/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md b/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md index 63d9aefc7d9..f78e80aedef 100644 --- a/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md +++ b/docs/queries/openapi-queries/f5b2e6af-76f5-496d-8482-8f898c5fdb4a.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/parameters_name_in_not_unique) ### Description diff --git a/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md b/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md index 44876274f94..d6d1ba22592 100644 --- a/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md +++ b/docs/queries/openapi-queries/f79b9d26-e945-44e7-98a1-b93f0f7a68a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/media_type_object_without_schema) ### Description diff --git a/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md b/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md index 4dd1b2bcbda..03da02cd931 100644 --- a/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md +++ b/docs/queries/openapi-queries/f985a7d2-d404-4a7f-9814-f645f791e46e.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/invalid_media_type_value) ### Description diff --git a/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md b/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md index 3334c8e8c78..87ff5c9b2e0 100644 --- a/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md +++ b/docs/queries/openapi-queries/fb7d81e7-4150-48c4-b914-92fc05da6a2f.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/3.0/unknown_property) ### Description diff --git a/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md b/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md index 0e24a823154..9b23d95cf86 100644 --- a/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md +++ b/docs/queries/openapi-queries/fb889ae9-2d16-40b5-b41f-9da716c5abc1.md @@ -1,5 +1,5 @@ --- -title: Parameter JSON Reference Does Not Exists (v2) +title: Parameter JSON Reference Does Not Exist (v2) hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** fb889ae9-2d16-40b5-b41f-9da716c5abc1 -- **Query name:** Parameter JSON Reference Does Not Exists (v2) +- **Query name:** Parameter JSON Reference Does Not Exist (v2) - **Platform:** OpenAPI - **Severity:** Info - **Category:** Structure and Semantics -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/2.0/json_reference_does_not_exists_parameter) ### Description diff --git a/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md b/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md index 9bd74aa686b..263aa7d0fa0 100644 --- a/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md +++ b/docs/queries/openapi-queries/fbf699b5-ef74-4542-9cf1-f6eeac379373.md @@ -20,7 +20,7 @@ hide: - **Platform:** OpenAPI - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/openAPI/general/numeric_schema_without_format) ### Description diff --git a/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md b/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md index 9d21f9a52f4..3e4251dd47d 100644 --- a/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md +++ b/docs/queries/pulumi-queries/95588189-1abd-4df1-9588-b0a5034f9e87.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/kubernetes/missing_app_armor_config) ### Description diff --git a/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md b/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md index 1e415124ed6..21fe9edcd8b 100644 --- a/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md +++ b/docs/queries/pulumi-queries/aws/00603add-7f72-448f-a6c0-9e456a7a3f94.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticsearch_with_https_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md b/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md index 9fee36a5147..5933107ada7 100644 --- a/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md +++ b/docs/queries/pulumi-queries/aws/2ca87964-fe7e-4cdc-899c-427f0f3525f8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/docdb_logging_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md b/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md index 82dcf876d33..45b49bdcaef 100644 --- a/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md +++ b/docs/queries/pulumi-queries/aws/327b0729-4c5c-4c44-8b5c-e476cd9c7290.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 459 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/dynamodb_table_point_in_time_recovery_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md b/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md index 6d0d209abc1..ff3bac89620 100644 --- a/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md +++ b/docs/queries/pulumi-queries/aws/647de8aa-5a42-41b5-9faf-22136f117380.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/rds_db_instance_publicly_accessible) ### Description diff --git a/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md b/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md index 9021a0723a5..8db333fc7b3 100644 --- a/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md +++ b/docs/queries/pulumi-queries/aws/9850d621-7485-44f7-8bdd-b3cf426315cf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/iam_password_without_minimum_length) ### Description diff --git a/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md b/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md index fd7d5b805d8..b50f8fe6fe3 100644 --- a/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md +++ b/docs/queries/pulumi-queries/aws/9b18fc19-7fb8-49b1-8452-9c757c70f926.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticache_nodes_not_created_across_multi_az) ### Description diff --git a/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md b/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md index 15cea8e7d6e..f2f7048b1ab 100644 --- a/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md +++ b/docs/queries/pulumi-queries/aws/a1120ee4-a712-42d9-8fb5-22595fed643b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticsearch_logs_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md b/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md index 4808dc8277e..03fb826b1b0 100644 --- a/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md +++ b/docs/queries/pulumi-queries/aws/abcefee4-a0c1-4245-9f82-a473f79a9e2f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ecs_cluster_container_insights_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md b/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md index 3a23e0b6339..0fab683a49a 100644 --- a/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md +++ b/docs/queries/pulumi-queries/aws/b6a7e0ae-aed8-4a19-a993-a95760bf8836.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/dynamodb_table_not_encrypted) ### Description diff --git a/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md b/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md index 3a01bdef1dc..901167847e7 100644 --- a/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md +++ b/docs/queries/pulumi-queries/aws/bccb296f-362c-4b05-9221-86d1437a1016.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/amazon_dms_replication_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md b/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md index b808fcb49e2..89f14c4cd2c 100644 --- a/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md +++ b/docs/queries/pulumi-queries/aws/bf4b48b9-fc1f-4552-984a-4becdb5bf503.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/api_gateway_access_logging_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md b/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md index 56cc3c74df2..62f8130c5f9 100644 --- a/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md +++ b/docs/queries/pulumi-queries/aws/d991e4ae-42ab-429b-ab43-d5e5fa9ca633.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 459 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ec2_not_ebs_optimized) ### Description diff --git a/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md b/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md index 740a61e60ab..4deb1aa6cf8 100644 --- a/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md +++ b/docs/queries/pulumi-queries/aws/daa581ef-731c-4121-832d-cf078f67759d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/ec2_instance_monitoring_disabled) ### Description diff --git a/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md b/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md index 766e7b71fde..20ddd370057 100644 --- a/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md +++ b/docs/queries/pulumi-queries/aws/e93bbe63-a631-4c0f-b6ef-700d48441ff2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 459 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/elasticache_redis_cluster_without_backup) ### Description diff --git a/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md b/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md index cbf4284b9ad..c31df91723c 100644 --- a/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md +++ b/docs/queries/pulumi-queries/aws/f27791a5-e2ae-4905-8910-6f995c576d09.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/aws/api_gateway_without_ssl_certificate) ### Description diff --git a/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md b/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md index 374aaedb7b3..d9934b08184 100644 --- a/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md +++ b/docs/queries/pulumi-queries/azure/49e30ac8-f58e-4222-b488-3dcb90158ec1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/azure/redis_cache_allows_non_ssl_connections) ### Description diff --git a/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md b/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md index 140143206c1..f8e020de748 100644 --- a/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md +++ b/docs/queries/pulumi-queries/azure/cb8e4bf0-903d-45c6-a278-9a947d82a27b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/azure/storage_account_not_forcing_https) ### Description diff --git a/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md b/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md index d1ca7ea9a0b..f8a8051f0a8 100644 --- a/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md +++ b/docs/queries/pulumi-queries/ee305555-6b1d-4055-94cf-e22131143c34.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/kubernetes/psp_set_to_privileged) ### Description diff --git a/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md b/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md index 227978e0b65..85059716d1b 100644 --- a/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md +++ b/docs/queries/pulumi-queries/gcp/48f7e44d-d1d1-44c2-b336-9f11b65c4fb0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/gcp/cloud_storage_bucket_logging_not_enabled) ### Description diff --git a/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md b/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md index d08766aec53..a06f85940c7 100644 --- a/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md +++ b/docs/queries/pulumi-queries/gcp/965e8830-2bec-4b9b-a7f0-24dbc200a68f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Pulumi - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/pulumi/gcp/google_compute_ssl_policy_weak_cipher_in_use) ### Description diff --git a/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md b/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md index 0a1533ce977..b41e21e6285 100644 --- a/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md +++ b/docs/queries/serverlessfw-queries/0d7ef70f-e176-44e6-bdba-add3e429788d.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_x-ray_tracing) ### Description diff --git a/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md b/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md index e489cea4aea..095ac87f32e 100644 --- a/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md +++ b/docs/queries/serverlessfw-queries/165aae3b-a56a-48f3-b76d-d2b5083f5b8f.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_unique_iam_role) ### Description diff --git a/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md b/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md index 2c3ca69b528..9d9214b7956 100644 --- a/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md +++ b/docs/queries/serverlessfw-queries/434945e5-4dfd-41b1-aba1-47075ccd9265.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_xray_tracing_disabled) ### Description diff --git a/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md b/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md index e8e60b67740..4ae4bfe01ca 100644 --- a/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md +++ b/docs/queries/serverlessfw-queries/4495bc5d-4d1e-4a26-ae92-152d18195648.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_environment_variables_not_encrypted) ### Description diff --git a/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md b/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md index dd0ae59f828..201bd9c18c3 100644 --- a/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md +++ b/docs/queries/serverlessfw-queries/4d424558-c6d1-453c-be98-9a7f877abd9a.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_endpoint_config_not_private) ### Description diff --git a/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md b/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md index 106c9f8747e..b5ad84afa5b 100644 --- a/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md +++ b/docs/queries/serverlessfw-queries/59ebb4f3-2a6c-46dc-b4f0-cc5418dcddcd.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_role_with_full_privileges) ### Description diff --git a/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md b/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md index 440ef7f8e8c..2720505e166 100644 --- a/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md +++ b/docs/queries/serverlessfw-queries/a4d32883-aac7-42e1-b403-9415af0f3846.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_access_logging_setting_undefined) ### Description diff --git a/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md b/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md index dd696ca15e1..3b53636fa66 100644 --- a/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md +++ b/docs/queries/serverlessfw-queries/d5d1fe08-89db-440c-8725-b93223387309.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_api_without_content_encoding) ### Description diff --git a/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md b/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md index 2c516b63e9e..d8cbe7445af 100644 --- a/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md +++ b/docs/queries/serverlessfw-queries/dec7bc85-d156-4f64-9a33-96ed3d9f3fed.md @@ -20,7 +20,7 @@ hide: - **Platform:** ServerlessFW - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_dead_letter_queue) ### Description diff --git a/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md b/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md index 5cc210b44a9..26200b5c19d 100644 --- a/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md +++ b/docs/queries/serverlessfw-queries/f99d3482-fa8c-4f79-bad9-35212dded164.md @@ -20,11 +20,11 @@ hide: - **Platform:** ServerlessFW - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 800 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/serverlessFW/serverless_function_without_tags) ### Description -Serverless Function should be have associated tags
+Serverless Function should have associated tags
[Documentation](https://www.serverless.com/framework/docs/providers/aws/guide/functions#tags) ### Code samples diff --git a/docs/queries/terraform-queries.md b/docs/queries/terraform-queries.md index 8ecf2142ac3..9e6e8c0a752 100644 --- a/docs/queries/terraform-queries.md +++ b/docs/queries/terraform-queries.md @@ -398,8 +398,8 @@ Below are listed queries related to Terraform AWS: |DynamoDB Table Point In Time Recovery Disabled
741f1291-47ac-4a85-a07b-3d32a9d6bd3e|Info|Best Practices|Query details
Documentation
| |EC2 Not EBS Optimized
60224630-175a-472a-9e23-133827040766|Info|Best Practices|Query details
Documentation
| |Resource Not Using Tags
e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10|Info|Best Practices|Query details
Documentation
| -|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Info|Best Practices|Query details
Documentation
| |Security Group Rule Without Description
cb3f5ed6-0d18-40de-a93d-b3538db31e8c|Info|Best Practices|Query details
Documentation
| +|Security Group Rule Without Description
68eb4bf3-f9bf-463d-b5cf-e029bb446d2e|Info|Best Practices|Query details
Documentation
| |CloudWatch AWS Organizations Changes Missing Alarm
38b85c45-e772-4de8-a247-69619ca137b3|Info|Observability|Query details
Documentation
| |CloudWatch Without Retention Period Specified
ef0b316a-211e-42f1-888e-64efe172b755|Info|Observability|Query details
Documentation
| @@ -705,30 +705,30 @@ Below are listed queries related to Terraform NIFCLOUD: | Query |Severity|Category|More info| |------------------------------|--------|--------|-----------| -|Beta - Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud ELB Listener Use HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud ELB Use HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Listener Use HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud LB Use Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|High|Insecure Configurations|Query details
Documentation
| -|Beta - Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Router Undefined Security Group To Router
e7dada38-af20-4899-8955-dabea84ab1f0|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway
b3535a48-910c-47f8-8b3b-14222f29ef80|High|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Medium|Backup|Query details
Documentation
| -|Beta - Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Low|Networking and Firewall|Query details
Documentation
| -|Beta - Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Public DB Access
fb387023-e4bb-42a8-9a70-6708aa7ff21b|High|Access Control|Query details
Documentation
| +|Nifcloud Computing Has Public Ingress Security Group Rule
b2ea2367-8dc9-4231-a035-d0b28bfa3dde|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud Computing Undefined Security Group To Instance
89218b48-75c9-4cb3-aaba-5299e852e8bc|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud NAS Has Public Ingress NAS Security Group Rule
8d7758a7-d9cd-499a-a83e-c9bdcbff728d|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Public DB Ingress Security Group Rule
a0b846e8-815f-4f15-b660-bc4ab9fa1e1a|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud Router Undefined Security Group
e7dada38-af20-4899-8955-dabea84ab1f0|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud VPN Gateway Undefined Security Group
b3535a48-910c-47f8-8b3b-14222f29ef80|High|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Using Insecure TLS Policy ID
944439c7-b4b8-476a-8f83-14641ea876ba|Medium|Encryption|Query details
Documentation
| +|Nifcloud LB Using Insecure TLS Policy Name
675e8eaa-2754-42b7-bf33-bfa295d1601d|Medium|Encryption|Query details
Documentation
| +|Nifcloud ELB Listener Using HTTP Protocol
afcb0771-4f94-44ed-ad4a-9f73f11ce6e0|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud ELB Using HTTP Protocol
e2de2b80-2fc2-4502-a764-40930dfcc70a|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Listener Using HTTP Port
9f751a80-31f0-43a3-926c-20772791a038|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud LB Using HTTP Port
94e47f3f-b90b-43a1-a36d-521580bae863|Medium|Networking and Firewall|Query details
Documentation
| +|Nifcloud Low RDB Backup Retention Period
e5071f76-cbe7-468d-bb2b-d10f02d2b713|Low|Backup|Query details
Documentation
| +|Nifcloud DNS Has Verified Record
a1defcb6-55e8-4511-8c2a-30b615b0e057|Low|Insecure Configurations|Query details
Documentation
| +|Nifcloud Computing Has Common Private Network
df58dd45-8009-43c2-90f7-c90eb9d53ed9|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud ELB Has Common Private Network
5061f84c-ab66-4660-90b9-680c9df346c0|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud NAS Has Common Private Network
4b801c38-ebb4-4c81-984b-1ba525d43adf|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud RDB Has Common Private Network
9bf57c23-fbab-4222-85f3-3f207a53c6a8|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud Router Has Common Private Network
30c2760c-740e-4672-9d7f-2c29e0cb385d|Low|Networking and Firewall|Query details
Documentation
| +|Nifcloud Computing Undefined Description To Security Group
41c127a9-3a85-4bc3-a333-ed374eb9c3e4|Info|Best Practices|Query details
Documentation
| +|Nifcloud Computing Undefined Description To Security Group Rule
e4610872-0b1c-4fb7-ab57-d81c0afdb291|Info|Best Practices|Query details
Documentation
| +|Nifcloud NAS Undefined Description To NAS Security Group
e840c54a-7a4c-405f-b8c1-c49a54b87d11|Info|Best Practices|Query details
Documentation
| +|Nifcloud RDB Undefined Description To DB Security Group
940ddce2-26bd-4e31-a9b4-382714f73231|Info|Best Practices|Query details
Documentation
| ### SHARED (V2/V3) Below are listed queries related to Terraform SHARED (V2/V3): diff --git a/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md b/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md index fa4c5804a56..06ec6c42a7a 100644 --- a/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md +++ b/docs/queries/terraform-queries/07fc3413-e572-42f7-9877-5c8fc6fccfb5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_allows_access_secrets) ### Description diff --git a/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md b/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md index 5fad875d70b..647db30035c 100644 --- a/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md +++ b/docs/queries/terraform-queries/0ad60203-c050-4115-83b6-b94bde92541d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_runs_unmasked) ### Description diff --git a/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md b/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md index 8302e84da6d..d13a93bc2bb 100644 --- a/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md +++ b/docs/queries/terraform-queries/15d8a7fd-465a-4d15-a868-add86552f17b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/github/github_repository_set_to_public) ### Description diff --git a/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md b/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md index 038f89cd3c1..7bd49f6ba7e 100644 --- a/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md +++ b/docs/queries/terraform-queries/17172bc2-56fb-4f17-916f-a014147706cd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cluster_admin_role_binding_with_super_user_permissions) ### Description diff --git a/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md b/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md index 9e2106cd795..51dcc1d27c5 100644 --- a/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md +++ b/docs/queries/terraform-queries/17e52ca3-ddd0-4610-9d56-ce107442e110.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/hpa_targets_invalid_object) ### Description diff --git a/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md b/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md index f0cccf88d6e..fc3d661368a 100644 --- a/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md +++ b/docs/queries/terraform-queries/1e434b25-8763-4b00-a5ca-ca03b7abbb66.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/name_is_not_snake_case) ### Description diff --git a/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md b/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md index 1496d3c686a..4e4e5afa593 100644 --- a/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md +++ b/docs/queries/terraform-queries/21719347-d02b-497d-bda4-04a03c8e5b61.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/memory_requests_not_defined) ### Description diff --git a/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md b/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md index c0e1c2c580c..2ed3b121f80 100644 --- a/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md +++ b/docs/queries/terraform-queries/21cef75f-289f-470e-8038-c7cee0664164.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/no_drop_capabilities_for_containers) ### Description diff --git a/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md b/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md index 8b99ad40f11..f5fc80d3c5b 100644 --- a/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md +++ b/docs/queries/terraform-queries/228c4c19-feeb-4c18-848c-800ac70fdfb7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/image_without_digest) ### Description diff --git a/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md b/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md index 1655275780a..09004a4910e 100644 --- a/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md +++ b/docs/queries/terraform-queries/23c3067a-8cc9-480c-b645-7c1e0ad4bf60.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/group_without_user_or_instance_profile) ### Description diff --git a/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md b/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md index a5b5bcc3816..7e646765f59 100644 --- a/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md +++ b/docs/queries/terraform-queries/23e1f5f0-12b7-4d7e-9087-f60f42ccd514.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 307 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/indefinitely_obo_token) ### Description diff --git a/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md b/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md index b65bc507526..fd931b9a02e 100644 --- a/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md +++ b/docs/queries/terraform-queries/24b132df-5cc7-4823-8029-f898e1c50b72.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_name_undefined_or_empty) ### Description diff --git a/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md b/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md index 853c7de7760..f09e88c6e47 100644 --- a/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md +++ b/docs/queries/terraform-queries/26b047a9-0329-48fd-8fb7-05bbe5ba80ee.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/incorrect_volume_claim_access_mode_read_write_once) ### Description diff --git a/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md b/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md index dc6a79431b6..bfdb6481468 100644 --- a/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md +++ b/docs/queries/terraform-queries/2a153952-2544-4687-bcc9-cc8fea814a9b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/variable_without_description) ### Description diff --git a/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md b/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md index 61f4aac792e..61a3622b81b 100644 --- a/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md +++ b/docs/queries/terraform-queries/2a52567c-abb8-4651-a038-52fa27c77aed.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 552 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_with_external_load_balancer) ### Description diff --git a/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md b/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md index 9a04f732555..5d9ed97b4a1 100644 --- a/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md +++ b/docs/queries/terraform-queries/2bff9906-4e9b-4f71-9346-8ebedfdf43ef.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 288 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_privilege_escalation) ### Description diff --git a/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md b/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md index 775521fa967..cd13aa6fd9e 100644 --- a/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md +++ b/docs/queries/terraform-queries/2c4fe4a9-f44b-4c70-b09b-5b75cd251805.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/unrestricted_acl) ### Description diff --git a/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md b/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md index 70646310aef..257317b98a8 100644 --- a/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md +++ b/docs/queries/terraform-queries/3360c01e-c8c0-4812-96a2-a6329b9b7f9f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/role_binding_to_default_service_account) ### Description diff --git a/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md b/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md index 1da69b4d6e4..7c880cda953 100644 --- a/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md +++ b/docs/queries/terraform-queries/375cdab9-3f94-4ae0-b1e3-8fbdf9cdf4d7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 477 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/use_spark_submit_task) ### Description diff --git a/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md b/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md index 19ac5922470..8f5461a0576 100644 --- a/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md +++ b/docs/queries/terraform-queries/38028698-e663-4ef7-aa92-773fef0ca86f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_azure_attributes) ### Description diff --git a/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md b/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md index 9cb941f4d28..443f92ba966 100644 --- a/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md +++ b/docs/queries/terraform-queries/3a81fc06-566f-492a-91dd-7448e409e2cd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/generic_git_module_without_revision) ### Description diff --git a/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md b/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md index 31c70453032..74909f7fa24 100644 --- a/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md +++ b/docs/queries/terraform-queries/3f55386d-75cd-4e9a-ac47-167b26c04724.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/containers_with_sys_admin_capabilities) ### Description diff --git a/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md b/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md index 6b681499e35..d33207ccbde 100644 --- a/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md +++ b/docs/queries/terraform-queries/420e6360-47bb-46f6-9072-b20ed22c842d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_without_service_name) ### Description diff --git a/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md b/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md index 0091c8be567..d8d8e14d5ec 100644 --- a/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md +++ b/docs/queries/terraform-queries/455f2e0c-686d-4fcb-8b5f-3f953f12c43c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/secoomp_profile_is_not_configured) ### Description diff --git a/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md b/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md index 6083f3ec0c0..706cba88c69 100644 --- a/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md +++ b/docs/queries/terraform-queries/461ed7e4-f8d5-4bc1-b3c6-64ddb4fd00a3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/deployment_has_no_pod_anti_affinity) ### Description diff --git a/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md b/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md index db3b54b491b..9456989a476 100644 --- a/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md +++ b/docs/queries/terraform-queries/48388bd2-7201-4dcc-b56d-e8a9efa58fad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_with_added_capabilities) ### Description diff --git a/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md b/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md index e8288bc8f88..8a8722ea319 100644 --- a/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md +++ b/docs/queries/terraform-queries/4950837c-0ce5-4e42-9bee-a25eae73740b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_containers_to_share_the_host_network_namespace) ### Description diff --git a/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md b/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md index df19a767c42..a33d1622765 100644 --- a/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md +++ b/docs/queries/terraform-queries/4c415497-7410-4559-90e8-f2c8ac64ee38.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/root_containers_admitted) ### Description diff --git a/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md b/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md index a5bf581a3c7..a9b68f1cbe6 100644 --- a/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md +++ b/docs/queries/terraform-queries/4e203a65-c8d8-49a2-b749-b124d43c9dc1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/docker_daemon_socket_is_exposed_to_containers) ### Description diff --git a/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md b/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md index fe3b6c16895..3b77287bda4 100644 --- a/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md +++ b/docs/queries/terraform-queries/4e74cf4f-ff65-4c1a-885c-67ab608206ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/workload_host_port_not_specified) ### Description diff --git a/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md b/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md index aa7a9427b9e..5f05be881b4 100644 --- a/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md +++ b/docs/queries/terraform-queries/51bed0ac-a8ae-407a-895e-90c6cb0610ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_allows_sharing_host_ipc) ### Description diff --git a/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md b/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md index 644077bfda1..eb9a853622e 100644 --- a/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md +++ b/docs/queries/terraform-queries/522d4a64-4dc9-44bd-9240-7d8a0d5cb5ba.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/permissive_access_to_create_pods) ### Description diff --git a/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md b/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md index 931172c2d51..0ac43e41bb4 100644 --- a/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md +++ b/docs/queries/terraform-queries/539e4557-d2b5-4d57-a001-cb01140a4e2d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_gcp_attributes) ### Description diff --git a/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md b/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md index 9fab27b9a27..356b9b2b508 100644 --- a/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md +++ b/docs/queries/terraform-queries/577ac19c-6a77-46d7-9f14-e049cdd15ec2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cpu_requests_not_set) ### Description diff --git a/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md b/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md index a26ef0ee07c..2d25f195982 100644 --- a/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md +++ b/docs/queries/terraform-queries/587d5d82-70cf-449b-9817-f60f9bccb88c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_host_pid_is_true) ### Description diff --git a/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md b/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md index ea73a612fd3..1f86b19db4e 100644 --- a/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md +++ b/docs/queries/terraform-queries/58876b44-a690-4e9f-9214-7735fa0dd15d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cronjob_deadline_not_configured) ### Description diff --git a/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md b/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md index 11c01f6fa4c..f0452a79d00 100644 --- a/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md +++ b/docs/queries/terraform-queries/59312e8a-a64e-41e7-a252-618533dd1ea8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/output_without_description) ### Description diff --git a/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md b/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md index 30718e16640..2b830ebd9f0 100644 --- a/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md +++ b/docs/queries/terraform-queries/5a627dfa-a4dd-4020-a4c6-5f3caf4abcd6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 807 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/use_lts_spark_version) ### Description diff --git a/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md b/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md index 5b8c714c64e..0c445499867 100644 --- a/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md +++ b/docs/queries/terraform-queries/5b6d53dd-3ba3-4269-b4d7-f82e880e43c3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/liveness_probe_is_not_defined) ### Description diff --git a/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md b/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md index 501130c160a..1fcca31c043 100644 --- a/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md +++ b/docs/queries/terraform-queries/5c281bf8-d9bb-47f2-b909-3f6bb11874ad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_type_is_nodeport) ### Description diff --git a/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md b/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md index 03c82851ce6..69cc888480c 100644 --- a/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md +++ b/docs/queries/terraform-queries/5f4735ce-b9ba-4d95-a089-a37a767b716f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cpu_limits_not_set) ### Description diff --git a/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md b/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md index 8a65ee44e96..c14a74e81ae 100644 --- a/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md +++ b/docs/queries/terraform-queries/60af03ff-a421-45c8-b214-6741035476fa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_resources_limits_undefined) ### Description diff --git a/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md b/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md index 5ee2fec5045..a65a2b6a0aa 100644 --- a/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md +++ b/docs/queries/terraform-queries/6d8f1a10-b6cd-48f0-b960-f7c535d5cdb8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 526 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/secrets_as_environment_variables) ### Description diff --git a/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md b/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md index d54458e08fe..e46f71707ff 100644 --- a/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md +++ b/docs/queries/terraform-queries/7249e3b0-9231-4af3-bc5f-5daf4988ecbf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_without_pod_disruption_budget) ### Description diff --git a/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md b/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md index 0dea5ca495a..25e601eb1e7 100644 --- a/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md +++ b/docs/queries/terraform-queries/737a0dd9-0aaa-4145-8118-f01778262b8a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/default_service_account_in_use) ### Description diff --git a/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md b/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md index 6f602962e3d..e0b3f91b816 100644 --- a/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md +++ b/docs/queries/terraform-queries/7d05ca25-91b4-42ee-b6f6-b06611a87ce8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 307 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/indefinitely_token) ### Description diff --git a/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md b/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md index ece85310981..41efe36423d 100644 --- a/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md +++ b/docs/queries/terraform-queries/826abb30-3cd5-4e0b-a93b-67729b4f7e63.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/rbac_roles_with_read_secrets_permissions) ### Description diff --git a/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md b/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md index 5ebe1299698..28c8be2c3ce 100644 --- a/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md +++ b/docs/queries/terraform-queries/8657197e-3f87-4694-892b-8144701d83c1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/readiness_probe_is_not_configured) ### Description diff --git a/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md b/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md index 4037fde4ac1..7ecf6268996 100644 --- a/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md +++ b/docs/queries/terraform-queries/86a947ea-f577-4efb-a8b0-5fc00257d521.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/non_kube_system_pod_with_host_mount) ### Description diff --git a/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md b/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md index c96a60eb8b6..dbcb7e6f824 100644 --- a/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md +++ b/docs/queries/terraform-queries/87065ef8-de9b-40d8-9753-f4a4303e27a4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_is_privileged) ### Description diff --git a/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md b/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md index 3ccac93ad00..415874b56bf 100644 --- a/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md +++ b/docs/queries/terraform-queries/953c0cc6-5f30-44cb-a803-bf4ef2571be8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/autoscale_badly_setup) ### Description diff --git a/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md b/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md index 71fe32d2dac..f20aa97c8c4 100644 --- a/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md +++ b/docs/queries/terraform-queries/9aa32890-ac1a-45ee-81ca-5164e2098556.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/net_raw_capabilities_disabled_for_psp) ### Description diff --git a/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md b/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md index ee004a0ab56..776991957e4 100644 --- a/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md +++ b/docs/queries/terraform-queries/a05331ee-1653-45cb-91e6-13637a76e4f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/deployment_without_pod_disruption_budget) ### Description diff --git a/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md b/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md index 90bb1106fa2..7d47e1b0dda 100644 --- a/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md +++ b/docs/queries/terraform-queries/a4edb7e1-c0e0-4f7f-9d7c-d1b603e81ad5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/databricks_permissions) ### Description diff --git a/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md b/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md index ed66f7efeb9..81ee9970832 100644 --- a/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md +++ b/docs/queries/terraform-queries/a62a99d1-8196-432f-8f80-3c100b05d62a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/volume_mount_with_os_directory_write_permissions) ### Description diff --git a/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md b/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md index a806fc7c082..686e13adbed 100644 --- a/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md +++ b/docs/queries/terraform-queries/a6a4d4fc-4e8f-47d1-969f-e9d4a084f3b9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/psp_set_to_privileged) ### Description diff --git a/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md b/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md index d2ca6347075..2f21961dddd 100644 --- a/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md +++ b/docs/queries/terraform-queries/a737be28-37d8-4bff-aa6d-1be8aa0a0015.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/workload_mounting_with_sensitive_os_directory) ### Description diff --git a/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md b/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md index 8eb1e5c259c..2f91a45c214 100644 --- a/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md +++ b/docs/queries/terraform-queries/a9174d31-d526-4ad9-ace4-ce7ddbf52e03.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/cluster_allows_unsafe_sysctls) ### Description diff --git a/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md b/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md index 299db0f20e8..91607fc96e5 100644 --- a/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md +++ b/docs/queries/terraform-queries/a9a13d4f-f17a-491b-b074-f54bffffcb4a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/service_account_token_automount_not_disabled) ### Description diff --git a/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md b/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md index 82844adc210..900eb0edeaa 100644 --- a/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md +++ b/docs/queries/terraform-queries/aa737abf-6b1d-4aba-95aa-5c160bd7f96e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/image_pull_policy_of_container_is_not_always) ### Description diff --git a/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md b/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md index 11fa87f4ed5..2a459d84a40 100644 --- a/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md +++ b/docs/queries/terraform-queries/abcb818b-5af7-4d72-aba9-6dd84956b451.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/using_default_namespace) ### Description diff --git a/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md b/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md index 69a4ea476b2..5dd1280b0a5 100644 --- a/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md +++ b/docs/queries/terraform-queries/ac1564a3-c324-4747-9fa1-9dfc234dace0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_host_network_namespace) ### Description diff --git a/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md b/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md index 0c8a9748032..3bfbf91d3f2 100644 --- a/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md +++ b/docs/queries/terraform-queries/ad69e38a-d92e-4357-a8da-f2f29d545883.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/pod_or_container_without_security_context) ### Description diff --git a/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md b/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md index dce98ca0b2e..3bdae26f9d0 100644 --- a/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md +++ b/docs/queries/terraform-queries/alicloud/05db341e-de7d-4972-a106-3e2bd5ee53e1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md b/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md index f5ee3fa93a6..1d343704f7d 100644 --- a/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md +++ b/docs/queries/terraform-queries/alicloud/063234c0-91c0-4ab5-bbd0-47ddb5f23786.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_numbers) ### Description diff --git a/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md b/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md index 7dabb835ace..4e99b306fb7 100644 --- a/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md +++ b/docs/queries/terraform-queries/alicloud/140869ea-25f2-40d4-a595-0c0da135114e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_connections_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md b/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md index 3bfb32ea15c..18c83841dae 100644 --- a/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md +++ b/docs/queries/terraform-queries/alicloud/1455cb21-1d48-46d6-8ae3-cef911b71fd5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/launch_template_is_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md b/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md index 07ebacdb8a7..216596859eb 100644 --- a/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md +++ b/docs/queries/terraform-queries/alicloud/1b4565c0-4877-49ac-ab03-adebbccd42ae.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md b/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md index 451b3e328ee..c419b75607d 100644 --- a/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md +++ b/docs/queries/terraform-queries/alicloud/1bcdf9f0-b1aa-40a4-b8c6-cd7785836843.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/api_gateway_api_protocol_not_https) ### Description diff --git a/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md b/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md index be300a5764a..e23e01dad20 100644 --- a/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md +++ b/docs/queries/terraform-queries/alicloud/2ae9d554-23fb-4065-bfd1-fe43d5f7c419.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_sensitive_port) ### Description diff --git a/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md b/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md index 1879053136a..da65933202a 100644 --- a/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md +++ b/docs/queries/terraform-queries/alicloud/2b13c6ff-b87a-484d-86fd-21ef6e97d426.md @@ -20,11 +20,11 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_has_static_website) ### Description -Checks if any static websties are hosted on buckets. Be aware of any website you are running.
+Checks if any static websites are hosted on buckets. Be aware of any website you are running.
[Documentation](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#website) ### Code samples diff --git a/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md b/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md index 1aa8e2827db..2b3bc915c05 100644 --- a/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md +++ b/docs/queries/terraform-queries/alicloud/2bb13841-7575-439e-8e0a-cccd9ede2fa8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_max_password_age_unrecommended) ### Description diff --git a/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md b/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md index 12da6f462d1..b09702e3c7e 100644 --- a/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md +++ b/docs/queries/terraform-queries/alicloud/39750e32-3fe9-453b-8c33-dd277acdb2cc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/disk_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md b/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md index 28d13370d9f..8177527e3d9 100644 --- a/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md +++ b/docs/queries/terraform-queries/alicloud/41a38329-d81b-4be4-aef4-55b2615d3282.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_symbols) ### Description diff --git a/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md b/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md index 9bf202d4505..bbd430d4ee0 100644 --- a/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md +++ b/docs/queries/terraform-queries/alicloud/44d434ca-a9bf-4203-8828-4c81a8d5a598.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_tde_status_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md b/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md index c6009c9ec5b..ec3068b69a5 100644 --- a/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md +++ b/docs/queries/terraform-queries/alicloud/4bb06fa1-2114-4a00-b7b5-6aeab8b896f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 788 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_retention_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md b/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md index 1059188267f..7912ec7248e 100644 --- a/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md +++ b/docs/queries/terraform-queries/alicloud/5e0fb613-ba9b-44c3-88f0-b44188466bfd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_uppercase_character) ### Description diff --git a/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md b/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md index e757c7c34db..15ca2718bfa 100644 --- a/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md +++ b/docs/queries/terraform-queries/alicloud/5f670f9d-b1b4-4c90-8618-2288f1ab9676.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/nas_file_system_without_kms) ### Description diff --git a/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md b/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md index 89964e24c1a..ae9de9d615e 100644 --- a/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md +++ b/docs/queries/terraform-queries/alicloud/60587dbd-6b67-432e-90f7-a8cf1892d968.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_all_ports_or_protocols) ### Description diff --git a/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md b/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md index d8889edd3e1..a47f6c1d1ad 100644 --- a/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md +++ b/docs/queries/terraform-queries/alicloud/6107c530-7178-464a-88bc-df9cdd364ac8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_ip_restriction_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md b/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md index b936587950e..9a38ff5fd70 100644 --- a/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md +++ b/docs/queries/terraform-queries/alicloud/62232513-b16f-4010-83d7-51d0e1d45426.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_public_access_enabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md b/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md index e219d44d283..829125eb5c6 100644 --- a/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md +++ b/docs/queries/terraform-queries/alicloud/66505003-7aba-45a1-8d83-5162d5706ef5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_policy_attached_to_user) ### Description diff --git a/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md b/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md index 3a6d49c3836..f18e9d44197 100644 --- a/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md +++ b/docs/queries/terraform-queries/alicloud/67bfdff1-31ce-4525-b564-e94368735360.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/nas_file_system_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md b/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md index be81c8fb685..272df3fb407 100644 --- a/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md +++ b/docs/queries/terraform-queries/alicloud/69b5d7da-a5db-4db9-a42e-90b65d0efb0b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/actiontrail_trail_oss_bucket_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md b/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md index cc5291dc6a8..827f07bb004 100644 --- a/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md +++ b/docs/queries/terraform-queries/alicloud/70919c0b-2548-4e6b-8d7a-3d84ab6dabba.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_versioning_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md b/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md index bd4bc739211..f89af5ae063 100644 --- a/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md +++ b/docs/queries/terraform-queries/alicloud/72ceb736-0aee-43ea-a191-3a69ab135681.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/no_ros_stack_policy) ### Description diff --git a/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md b/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md index dbe71f8a826..d051b06f940 100644 --- a/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md +++ b/docs/queries/terraform-queries/alicloud/7a1ee8a9-71be-4b11-bb70-efb62d16863b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_ssl_action_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md b/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md index ce6c4da8f2d..50ff827f76c 100644 --- a/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md +++ b/docs/queries/terraform-queries/alicloud/7db8bd7e-9772-478c-9ec5-4bc202c5686f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 664 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_lifecycle_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md b/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md index 7544bcc5b81..b349ab26068 100644 --- a/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md +++ b/docs/queries/terraform-queries/alicloud/81ce9394-013d-4731-8fcc-9d229b474073.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/cs_kubernetes_node_pool_auto_repair_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md b/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md index ddc16a14a98..540a6027bfe 100644 --- a/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md +++ b/docs/queries/terraform-queries/alicloud/88541597-6f88-42c8-bac6-7e0b855e8ff6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_list_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md b/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md index 093308e64b5..16f4bfe5f87 100644 --- a/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md +++ b/docs/queries/terraform-queries/alicloud/89143358-cec6-49f5-9392-920c591c669c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_password_security_policy_not_require_at_least_one_lowercase_character) ### Description diff --git a/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md b/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md index 616face97f5..9cf80d79cdd 100644 --- a/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md +++ b/docs/queries/terraform-queries/alicloud/8c0695d8-2378-4cd6-8243-7fd5894fa574.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_delete_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md b/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md index 756ff59aff2..b79a364e59f 100644 --- a/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md +++ b/docs/queries/terraform-queries/alicloud/8f98334a-99aa-4d85-b72a-1399ca010413.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_transfer_acceleration_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md b/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md index c1300563a84..4eca1e65cbf 100644 --- a/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md +++ b/docs/queries/terraform-queries/alicloud/9ef08939-ea40-489c-8851-667870b2ef50.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_notifications_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md b/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md index 0b987eef035..95084ce3290 100644 --- a/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md +++ b/docs/queries/terraform-queries/alicloud/a597e05a-c065-44e7-9cc8-742f572a504a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_duration_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md b/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md index 4d4ba21010a..11d493b2bd7 100644 --- a/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md +++ b/docs/queries/terraform-queries/alicloud/a8128dd2-89b0-464b-98e9-5d629041dfe0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_without_reuse_prevention) ### Description diff --git a/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md b/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md index 865bfdfeb21..7f311d41cb9 100644 --- a/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md +++ b/docs/queries/terraform-queries/alicloud/a9dfec39-a740-4105-bbd6-721ba163c053.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_not_required_minimum_length) ### Description diff --git a/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md b/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md index edbd4c4305e..b83c2005187 100644 --- a/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md +++ b/docs/queries/terraform-queries/alicloud/b9b7ada8-3868-4a35-854e-6100a2bb863d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/kubernetes_cluster_without_terway_as_cni_network_plugin) ### Description diff --git a/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md b/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md index 722e700aede..5086a70a20b 100644 --- a/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md +++ b/docs/queries/terraform-queries/alicloud/b9c524a4-fe76-4021-a6a2-cb978fb4fde1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_events_not_logged) ### Description diff --git a/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md b/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md index b8f4e29ddc9..9ff7a32ad48 100644 --- a/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md +++ b/docs/queries/terraform-queries/alicloud/c01d10de-c468-4790-b3a0-fc887a56f289.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_buckets_securetransport_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md b/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md index f6c06f5488a..7c092bba69b 100644 --- a/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md +++ b/docs/queries/terraform-queries/alicloud/c065b98e-1515-4991-9dca-b602bd6a2fbb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/action_trail_logging_all_regions_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md b/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md index f095cb21c33..94b01c2296b 100644 --- a/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md +++ b/docs/queries/terraform-queries/alicloud/cb319d87-b90f-485e-a7e7-f2408380f309.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/high_kms_key_rotation_period) ### Description diff --git a/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md b/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md index 735d58c7c83..5894b79c4cc 100644 --- a/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md +++ b/docs/queries/terraform-queries/alicloud/d2731f3d-a992-44ed-812e-f4f1c2747d71.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/vpc_flow_logs_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md b/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md index d342927e99e..864192f8c2f 100644 --- a/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md +++ b/docs/queries/terraform-queries/alicloud/d53f4123-f8d8-4224-8cb3-f920b151cc98.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_log_disconnections_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md b/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md index e8f30ceba0b..8d35d1c439f 100644 --- a/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md +++ b/docs/queries/terraform-queries/alicloud/dbfc834a-56e5-4750-b5da-73fda8e73f70.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/slb_policy_with_insecure_tls_version_in_use) ### Description diff --git a/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md b/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md index 7850364a9d7..44bd987b5b4 100644 --- a/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md +++ b/docs/queries/terraform-queries/alicloud/dc158941-28ce-481d-a7fa-dc80761edf46.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_retention_not_recommended) ### Description diff --git a/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md b/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md index c3167c24177..febddcaa2a1 100644 --- a/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md +++ b/docs/queries/terraform-queries/alicloud/dcda2d32-e482-43ee-a926-75eaabeaa4e0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 287 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_security_preference_not_enforce_mfa) ### Description diff --git a/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md b/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md index 157b5115996..6f225b957e9 100644 --- a/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md +++ b/docs/queries/terraform-queries/alicloud/dd706080-b7a8-47dc-81fb-3e8184430ec0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/public_security_group_rule_unknown_port) ### Description diff --git a/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md b/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md index ad9c1eae977..b04ee89dd5f 100644 --- a/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md +++ b/docs/queries/terraform-queries/alicloud/e76fd7ab-7333-40c6-a2d8-ea28af4a319e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 307 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_account_password_policy_max_login_attempts_unrecommended) ### Description diff --git a/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md b/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md index 857a3b9f573..f4ca04b10a0 100644 --- a/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md +++ b/docs/queries/terraform-queries/alicloud/e8e62026-da63-4904-b402-65adfe3ca975.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ram_policy_admin_access_not_attached_to_users_groups_roles) ### Description diff --git a/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md b/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md index 99d9c8edd46..bf2a7dbc9c6 100644 --- a/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md +++ b/docs/queries/terraform-queries/alicloud/ec62a32c-a297-41ca-a850-cab40b42094a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_all_actions_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md b/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md index 13419675a0b..f310999987d 100644 --- a/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md +++ b/docs/queries/terraform-queries/alicloud/ed6cf6ff-9a1f-491c-9f88-e03c0807f390.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/log_retention_is_not_greater_than_90_days) ### Description diff --git a/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md b/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md index 3f6b76bc0ee..e4cdf2d5908 100644 --- a/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md +++ b/docs/queries/terraform-queries/alicloud/ed6e3ba0-278f-47b6-a1f5-173576b40b7e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/cmk_is_unusable) ### Description diff --git a/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md b/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md index 3f13670665f..44bf3e1bb6c 100644 --- a/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md +++ b/docs/queries/terraform-queries/alicloud/ee3b1557-9fb5-4685-a95d-93f1edf2a0d7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/alb_listening_on_http) ### Description diff --git a/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md b/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md index 298b92b5f1e..d3084ed7fb1 100644 --- a/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md +++ b/docs/queries/terraform-queries/alicloud/f20e97f9-4919-43f1-9be9-f203cd339cdd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_cmk_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md b/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md index ad674e739ee..99413976a0f 100644 --- a/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md +++ b/docs/queries/terraform-queries/alicloud/f262118c-1ac6-4bb3-8495-cc48f1775b85.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ecs_data_disk_kms_key_id_undefined) ### Description diff --git a/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md b/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md index 2d7a201f114..846b74e0e76 100644 --- a/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md +++ b/docs/queries/terraform-queries/alicloud/faaefc15-51a5-419e-bb5e-51a4b5ab3485.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/rds_instance_address_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md b/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md index 10acc24c22a..034352db33b 100644 --- a/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md +++ b/docs/queries/terraform-queries/alicloud/fe286195-e75c-4359-bd58-00847c4f855a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/oss_bucket_allows_put_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md b/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md index c959682a6c2..3fdb596eae5 100644 --- a/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md +++ b/docs/queries/terraform-queries/aws/00e5e55e-c2ff-46b3-a757-a7a1cd802456.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_without_minimum_protocol_tls_1.2) ### Description diff --git a/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md b/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md index 529f7b786a0..52b1d402383 100644 --- a/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md +++ b/docs/queries/terraform-queries/aws/01d50b14-e933-4c99-b314-6d08cd37ad35.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_data_catalog_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md b/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md index 9b055b5853d..198f233b595 100644 --- a/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md +++ b/docs/queries/terraform-queries/aws/030d3b18-1821-45b4-9e08-50efbe7becbb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/amazon_dms_replication_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md b/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md index ea10d0f1490..d6a62a58f7f 100644 --- a/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md +++ b/docs/queries/terraform-queries/aws/034d0aee-620f-4bf7-b7fb-efdf661fdb9e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_and_lambda_InvokeFunction) ### Description diff --git a/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md b/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md index d6cecce9034..7918d2e4f23 100644 --- a/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md +++ b/docs/queries/terraform-queries/aws/04c686f1-e0cd-4812-88e1-4e038410074c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md b/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md index 6769f6af25e..1821e61918c 100644 --- a/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md +++ b/docs/queries/terraform-queries/aws/051f2063-2517-4295-ad8e-ba88c1bf5cfc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/msk) ### Description diff --git a/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md b/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md index 664f0fea427..753df4b88b9 100644 --- a/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md +++ b/docs/queries/terraform-queries/aws/081069cb-588b-4ce1-884c-2a1ce3029fe5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_metrics_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md b/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md index 7854a19f524..1d3bb6411e2 100644 --- a/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md +++ b/docs/queries/terraform-queries/aws/084c6686-2a70-4710-91b1-000393e54c12.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/shield_advanced_not_in_use) ### Description diff --git a/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md b/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md index 18100975c2f..5d866b9093f 100644 --- a/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md +++ b/docs/queries/terraform-queries/aws/08bd0760-8752-44e1-9779-7bb369b2b4e4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_instance_storage_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md b/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md index fc6e788127c..c53a82de26b 100644 --- a/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md +++ b/docs/queries/terraform-queries/aws/09c35abf-5852-4622-ac7a-b987b331232e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cross_account_iam_assume_role_policy_without_external_id_or_mfa) ### Description diff --git a/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md b/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md index d4276d2008a..4433a71f0cb 100644 --- a/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md +++ b/docs/queries/terraform-queries/aws/0a494a6a-ebe2-48a0-9d77-cf9d5125e1b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_cluster_without_vpc) ### Description diff --git a/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md b/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md index c455106a510..90ec2e770b1 100644 --- a/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md +++ b/docs/queries/terraform-queries/aws/0a592060-8166-49f5-8e65-99ac6dce9871.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md b/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md index 710d92fea2e..f2feb04004e 100644 --- a/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md +++ b/docs/queries/terraform-queries/aws/0a8e8dc5-b6fc-44fc-b5a1-969ec950f9b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_changes_to_nacl_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md b/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md index aa944638f1c..5865aeb28ec 100644 --- a/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md +++ b/docs/queries/terraform-queries/aws/0a96ce49-4163-4ee6-8169-eb3b0797d694.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_configured_authorizer) ### Description diff --git a/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md b/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md index 332b2c89b31..a670d33c182 100644 --- a/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md +++ b/docs/queries/terraform-queries/aws/0afa6ab8-a047-48cf-be07-93a2f8c34cf7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_is_not_integrated_with_waf) ### Description diff --git a/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md b/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md index eec229b09ec..3104db4528a 100644 --- a/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md +++ b/docs/queries/terraform-queries/aws/0afbcfe9-d341-4b92-a64c-7e6de0543879.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_log_group_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md b/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md index 0c505934b3a..e7994fdc44a 100644 --- a/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md +++ b/docs/queries/terraform-queries/aws/0b4869fc-a842-4597-aa00-1294df425440.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_ssl_certificate) ### Description diff --git a/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md b/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md index f36412cf9b3..9388bdb5078 100644 --- a/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md +++ b/docs/queries/terraform-queries/aws/0b530315-0ea4-497f-b34c-4ff86268f59d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kms_key_with_no_deletion_window) ### Description diff --git a/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md b/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md index 4bb5bca0a5d..0529bde8434 100644 --- a/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md +++ b/docs/queries/terraform-queries/aws/0b93729a-d882-4803-bdc3-ac429a21f158.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_api_keys) ### Description diff --git a/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md b/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md index 22b43238e96..af0b9681cd0 100644 --- a/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md +++ b/docs/queries/terraform-queries/aws/0bc534c5-13d1-4353-a7fe-b8665d5c1d7d.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_vpc_endpoint_wihout_route_table_association) +- **CWE:** 285 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_vpc_endpoint_without_route_table_association) ### Description Dynamodb VPC Endpoint should be associated with Route Table Association
diff --git a/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md b/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md index 4eb43109693..7be5f79481c 100644 --- a/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md +++ b/docs/queries/terraform-queries/aws/0c10d7da-85c4-4d62-b2a8-d6c104f1bd77.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md b/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md index a79aa78f71a..57b35dfb647 100644 --- a/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md +++ b/docs/queries/terraform-queries/aws/0ca1017d-3b80-423e-bb9c-6cd5898d34bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_iam_invokefunction_misconfigured) ### Description diff --git a/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md b/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md index 1f21d7e0abd..fd9c6f5b017 100644 --- a/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md +++ b/docs/queries/terraform-queries/aws/0e32d561-4b5a-4664-a6e3-a3fa85649157.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md b/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md index 13381e1f7e3..5db39c1a15a 100644 --- a/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md +++ b/docs/queries/terraform-queries/aws/0e59d33e-bba2-4037-8f88-9765647ca7ad.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/kinesis) ### Description diff --git a/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md b/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md index ca7a205aa36..8d9423f840a 100644 --- a/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md +++ b/docs/queries/terraform-queries/aws/0f6cbf69-41bb-47dc-93f3-3844640bf480.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_cloudtrail_configuration_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md b/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md index d0229e432a6..53cb84a4f9c 100644 --- a/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md +++ b/docs/queries/terraform-queries/aws/0fd7d920-4711-46bd-aff2-d307d82cd8b7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md b/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md index ce0d2365d3c..f60cd85ce3e 100644 --- a/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md +++ b/docs/queries/terraform-queries/aws/113208f2-a886-4526-9ecc-f3218600e12c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreateAccessKey) ### Description diff --git a/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md b/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md index 75dd4c4a7d7..6f603d2b43b 100644 --- a/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md +++ b/docs/queries/terraform-queries/aws/118281d0-6471-422e-a7c5-051bc667926e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md b/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md index eac9ec0741e..7ed6ffe473c 100644 --- a/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md +++ b/docs/queries/terraform-queries/aws/126c1788-23c2-4a10-906c-ef179f4f96ec.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_using_insecure_protocols) ### Description diff --git a/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md b/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md index c7b9cc75f5f..231e7f06222 100644 --- a/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md +++ b/docs/queries/terraform-queries/aws/12933609-c5bf-44b4-9a41-a6467c3b685b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/rds) ### Description diff --git a/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md b/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md index 65bed4e8fd2..95cf8f9b0c8 100644 --- a/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md +++ b/docs/queries/terraform-queries/aws/12b7e704-37f0-4d1e-911a-44bf60c48c21.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_allows_all_principals_to_assume) ### Description diff --git a/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md b/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md index 7cbfde8484e..cb2d17ad903 100644 --- a/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md +++ b/docs/queries/terraform-queries/aws/132a8c31-9837-4203-9fd1-15ca210c7b73.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_policy_with_full_priveleges) ### Description diff --git a/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md b/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md index 3169f227ade..783458e5385 100644 --- a/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md +++ b/docs/queries/terraform-queries/aws/1402afd8-a95c-4e84-8b0b-6fb43758e6ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/hardcoded_aws_access_key_in_lambda) ### Description diff --git a/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md b/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md index 3a70e5b5e08..27e1d8c5feb 100644 --- a/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md +++ b/docs/queries/terraform-queries/aws/1419b4c6-6d5c-4534-9cf6-6a5266085333.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_without_waf) ### Description diff --git a/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md b/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md index 08408c7909b..4baac108d00 100644 --- a/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md +++ b/docs/queries/terraform-queries/aws/151187cb-0efc-481c-babd-ad24e3c9bc22.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/remote_desktop_port_open_to_internet) ### Description diff --git a/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md b/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md index b58a82bf670..274128e1afa 100644 --- a/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md +++ b/docs/queries/terraform-queries/aws/15ccec05-5476-4890-ad19-53991eba1db8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_open_access) ### Description diff --git a/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md b/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md index 750271c26dc..ea44150930b 100644 --- a/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md +++ b/docs/queries/terraform-queries/aws/15e6ad8c-f420-49a6-bafb-074f5eb1ec74.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances) ### Description diff --git a/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md b/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md index a9d558adb47..832bb71d341 100644 --- a/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md +++ b/docs/queries/terraform-queries/aws/15ffbacc-fa42-4f6f-a57d-2feac7365caa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_cluster_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md b/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md index fc92a4ff22e..8415cbf4bf6 100644 --- a/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md +++ b/docs/queries/terraform-queries/aws/16c4216a-50d3-4785-bfb2-4adb5144a8ba.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_domain_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md b/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md index 865abe24775..80e357009d2 100644 --- a/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md +++ b/docs/queries/terraform-queries/aws/1743f5f1-0bb0-4934-acef-c80baa5dadfa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_CreatePolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md b/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md index cb37c69ee8f..bdf0a2a4b8d 100644 --- a/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md +++ b/docs/queries/terraform-queries/aws/17b30f8f-8dfb-4597-adf6-57600b6cf25e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_not_integrated_with_cloudwatch) ### Description diff --git a/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md b/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md index c16b46b8f48..3e6cef478fc 100644 --- a/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md +++ b/docs/queries/terraform-queries/aws/19ffbe31-9d72-4379-9768-431195eae328.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack) ### Description diff --git a/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md b/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md index b48480b34bb..e29e71bdd8f 100644 --- a/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md +++ b/docs/queries/terraform-queries/aws/1a4bc881-9f69-4d44-8c9a-d37d08f54c50.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_public_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md b/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md index 2deaec55e62..ceb5b691df7 100644 --- a/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md +++ b/docs/queries/terraform-queries/aws/1a690d1d-0ae7-49fa-b2db-b75ae0dd1d3e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/aurora_with_disabled_at_rest_encryption) ### Description diff --git a/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md b/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md index a0dfef5888d..86e5968a25b 100644 --- a/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md +++ b/docs/queries/terraform-queries/aws/1afbb3fa-cf6c-4a3d-b730-95e9f4df343e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_replication_group_not_encrypted_at_transit) ### Description diff --git a/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md b/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md index 2c1ec5082ac..32d4c26a4ae 100644 --- a/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md +++ b/docs/queries/terraform-queries/aws/1b3af2f9-af8c-4dfc-a0f1-a03adb70deb2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_function_with_privileged_role) ### Description diff --git a/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md b/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md index 1c540d5cfd3..c40a67ad48f 100644 --- a/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md +++ b/docs/queries/terraform-queries/aws/1b6799eb-4a7a-4b04-9001-8cceb9999326.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_access_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md b/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md index 2b9b26ad306..90679cdb102 100644 --- a/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md +++ b/docs/queries/terraform-queries/aws/1bc1c685-e593-450e-88fb-19db4c82aa1d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_password_without_minimum_length) ### Description diff --git a/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md b/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md index 7f49be4570f..4e11b6aff8f 100644 --- a/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md +++ b/docs/queries/terraform-queries/aws/1bc367f6-901d-4870-ad0c-71d79762ef52.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cdn_configuration_is_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md b/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md index 4f3c9ca7463..297c26953a8 100644 --- a/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md +++ b/docs/queries/terraform-queries/aws/1dc73fb4-5b51-430c-8c5f-25dcf9090b02.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_with_backup_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md b/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md index cc9bd381a4d..da31e600a9b 100644 --- a/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md +++ b/docs/queries/terraform-queries/aws/1df37f4b-7197-45ce-83f8-9994d2fcf885.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_get_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md b/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md index 560a1c4fe52..4139e8fb3ec 100644 --- a/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md +++ b/docs/queries/terraform-queries/aws/1e0ef61b-ad85-4518-a3d3-85eaad164885.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_with_public_scope) ### Description diff --git a/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md b/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md index ad0c8bb8f3f..87d835b1fc0 100644 --- a/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md +++ b/docs/queries/terraform-queries/aws/1ec253ab-c220-4d63-b2de-5b40e0af9293.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_restriction_of_public_bucket) ### Description diff --git a/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md b/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md index 11ed0cc5349..cf74e795744 100644 --- a/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md +++ b/docs/queries/terraform-queries/aws/20018359-6fd7-4d05-ab26-d4dffccbdf79.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_access_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md b/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md index 43e701c8f34..b7223f42a5b 100644 --- a/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md +++ b/docs/queries/terraform-queries/aws/2134641d-30a4-4b16-8ffc-2cd4c4ffd15d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_encrypted_with_aws_managed_key) ### Description diff --git a/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md b/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md index ef50d06ed0b..cf8e1e9fbf4 100644 --- a/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md +++ b/docs/queries/terraform-queries/aws/2285e608-ddbc-47f3-ba54-ce7121e31216.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_route_table_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md b/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md index 09939e0d73e..bd2fc4c83e4 100644 --- a/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md +++ b/docs/queries/terraform-queries/aws/22fbfeac-7b5a-421a-8a27-7a2178bb910b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cmk_rotation_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md b/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md index f78787ae886..55f6915b2df 100644 --- a/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md +++ b/docs/queries/terraform-queries/aws/23b70e32-032e-4fa6-ba5c-82f56b9980e6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_monitoring_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md b/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md index 66708ff59ae..86afc4420bf 100644 --- a/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md +++ b/docs/queries/terraform-queries/aws/23edf35f-7c22-4ff9-87e6-0ca74261cfbf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/dynamo) ### Description diff --git a/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md b/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md index cd1e6a278b3..30141d8ddce 100644 --- a/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md +++ b/docs/queries/terraform-queries/aws/24e16922-4330-4e9d-be8a-caa90299466a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_not_encrypted_at_rest) ### Description diff --git a/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md b/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md index 8893b4790f9..11f6ffdab63 100644 --- a/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md +++ b/docs/queries/terraform-queries/aws/254c932d-e3bf-44b2-bc9d-eb5fdb09f8d4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redis_not_compliant) ### Description diff --git a/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md b/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md index 95593cb7c2d..f820c0ea29f 100644 --- a/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md +++ b/docs/queries/terraform-queries/aws/25d251f3-f348-4f95-845c-1090e41a615c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_without_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md b/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md index e9f0852c779..539e22bc662 100644 --- a/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md +++ b/docs/queries/terraform-queries/aws/25db74bf-fa3b-44da-934e-8c3e005c0453.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/route53_record_undefined) ### Description diff --git a/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md b/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md index 0e9e4005aaa..b80044b84f7 100644 --- a/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md +++ b/docs/queries/terraform-queries/aws/27c6a499-895a-4dc7-9617-5c485218db13.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_s3_policy_change_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md b/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md index 4915620b91b..545f7c3339b 100644 --- a/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md +++ b/docs/queries/terraform-queries/aws/28545147-2fc6-42d5-a1f9-cf226658e591.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md b/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md index 33a302145d1..f19dd1dd7d4 100644 --- a/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md +++ b/docs/queries/terraform-queries/aws/2b3c8a6d-9856-43e6-ab1d-d651094f03b4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/emr_without_vpc) ### Description diff --git a/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md b/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md index 7e34dce09a9..8bbe215c3a0 100644 --- a/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md +++ b/docs/queries/terraform-queries/aws/2d16c3fb-35ba-4ec0-b4e4-06ee3cbd4045.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/s3_bucket) ### Description diff --git a/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md b/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md index c8228751ea2..f841a7340b6 100644 --- a/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md +++ b/docs/queries/terraform-queries/aws/2e9e0729-66d5-4148-9d39-5e6fb4bf2a4e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_with_https_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md b/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md index 3c53d545c7b..d2c217e90c4 100644 --- a/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md +++ b/docs/queries/terraform-queries/aws/2f01fb2d-828a-499d-b98e-b83747305052.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 829 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/no_stack_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md b/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md index eb897b65dc1..0fce6484897 100644 --- a/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md +++ b/docs/queries/terraform-queries/aws/2f37c4a3-58b9-4afe-8a87-d7f1d2286f84.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policies_with_full_privileges) ### Description diff --git a/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md b/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md index 35820d4b1fc..ae1f5781c3e 100644 --- a/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md +++ b/docs/queries/terraform-queries/aws/2f56b7ab-7fba-4e93-82f0-247e5ddeb239.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_cluster_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md b/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md index 498978733a2..181984861fb 100644 --- a/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md +++ b/docs/queries/terraform-queries/aws/2f737336-b18a-4602-8ea0-b200312e1ac1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_associated_with_public_subnet) ### Description diff --git a/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md b/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md index 08f08426ecf..0275f254ca2 100644 --- a/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md +++ b/docs/queries/terraform-queries/aws/30b88745-eebe-4ecb-a3a9-5cf886e96204.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances) ### Description diff --git a/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md b/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md index c422ac3a04a..9dfc6074e7b 100644 --- a/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md +++ b/docs/queries/terraform-queries/aws/31245f98-a6a9-4182-9fc1-45482b9d030a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/mq_broker_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md b/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md index 9007f14b463..ddb3c66f3f1 100644 --- a/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md +++ b/docs/queries/terraform-queries/aws/3199c26c-7871-4cb3-99c2-10a59244ce7f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_storage_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md b/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md index d331dbd8d1a..e501cd8ec05 100644 --- a/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md +++ b/docs/queries/terraform-queries/aws/3206240f-2e87-4e58-8d24-3e19e7c83d7c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_service_admin_role_is_present) ### Description diff --git a/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md b/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md index a579b2d8f65..6873e01a9ef 100644 --- a/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md +++ b/docs/queries/terraform-queries/aws/33627268-1445-4385-988a-318fd9d1a512.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole) ### Description diff --git a/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md b/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md index 92b9d43d44d..7de70f0f717 100644 --- a/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md +++ b/docs/queries/terraform-queries/aws/34b921bd-90a0-402e-a0a5-dc73371fd963.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ses_policy_with_allowed_iam_actions) ### Description diff --git a/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md b/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md index e519235a44c..91be57a8901 100644 --- a/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md +++ b/docs/queries/terraform-queries/aws/35113e6f-2c6b-414d-beec-7a9482d3b2d1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_db_instance_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md b/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md index 84d96372bc1..08cfd1a1fa9 100644 --- a/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md +++ b/docs/queries/terraform-queries/aws/3561130e-9c5f-485b-9e16-2764c82763e5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_too_many_access_keys) ### Description diff --git a/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md b/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md index 19fe7b8e77a..d7f60200f1f 100644 --- a/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md +++ b/docs/queries/terraform-queries/aws/35ccf766-0e4d-41ed-9ec4-2dab155082b4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_UpdateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md b/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md index 843776f9ba0..fb09548a3cb 100644 --- a/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md +++ b/docs/queries/terraform-queries/aws/37304d3f-f852-40b8-ae3f-725e87a7cedf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_log_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md b/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md index 7b84d1f34fc..cc55ce405c8 100644 --- a/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md +++ b/docs/queries/terraform-queries/aws/381c3f2a-ef6f-4eff-99f7-b169cda3422c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_entire_network) ### Description diff --git a/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md b/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md index ac94c81de9e..c660200cb52 100644 --- a/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md +++ b/docs/queries/terraform-queries/aws/38b85c45-e772-4de8-a247-69619ca137b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_aws_organizations_changes_missing_alarm) ### Description diff --git a/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md b/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md index ff6a55a076d..50eb9941a35 100644 --- a/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md +++ b/docs/queries/terraform-queries/aws/38c5ee0d-7f22-4260-ab72-5073048df100.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_allows_read_or_write_to_all_users) ### Description diff --git a/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md b/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md index 8c3ccc6ed60..b5ded30b689 100644 --- a/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md +++ b/docs/queries/terraform-queries/aws/3a1e94df-6847-4c0e-a3b6-6c6af4e128ef.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vulnerable_default_ssl_certificate) ### Description diff --git a/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md b/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md index 548e3254b5c..55b1468d35a 100644 --- a/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md +++ b/docs/queries/terraform-queries/aws/3af7f2fd-06e6-4dab-b996-2912bea19ba4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/network_acl_with_unrestricted_access_to_ssh) ### Description diff --git a/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md b/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md index f6b921e62d5..283f4fb2504 100644 --- a/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md +++ b/docs/queries/terraform-queries/aws/3b6d777b-76e3-4133-80a3-0d6f667ade7f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/automatic_minor_upgrades_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md b/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md index 2200b78e894..ef2241f04eb 100644 --- a/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md +++ b/docs/queries/terraform-queries/aws/3d3f6270-546b-443c-adb4-bb6fb2187ca6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_default_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md b/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md index 04a66cee535..9e1982de0d2 100644 --- a/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md +++ b/docs/queries/terraform-queries/aws/3db3f534-e3a3-487f-88c7-0a9fbf64b702.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/amazon_mq_broker_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md b/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md index 0ab8e6bb367..d67feb61489 100644 --- a/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md +++ b/docs/queries/terraform-queries/aws/3dd96caa-0b5f-4a85-b929-acfac4646cc2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md b/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md index 0182710e6e9..3c5a559c54f 100644 --- a/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md +++ b/docs/queries/terraform-queries/aws/3ddfa124-6407-4845-a501-179f90c65097.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/authentication_without_mfa) ### Description diff --git a/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md b/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md index 6b359b999ea..fca05395a99 100644 --- a/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md +++ b/docs/queries/terraform-queries/aws/3deec14b-03d2-4d27-9670-7d79322e3340.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/codebuild_project_encrypted_with_aws_managed_key) ### Description diff --git a/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md b/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md index 0892da53c0b..3a5bd1d8282 100644 --- a/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md +++ b/docs/queries/terraform-queries/aws/3ef8696c-e4ae-4872-92c7-520bb44dfe77.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/public_lambda_via_api_gateway) ### Description diff --git a/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md b/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md index 87a92c48888..dc06d9867f7 100644 --- a/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md +++ b/docs/queries/terraform-queries/aws/4003118b-046b-4640-b200-b8c7a4c8b89f.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_policy_with_full_priveleges copy) +- **CWE:** 284 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_policy_with_full_priveleges_copy) ### Description The use of AWS SSO for creating users may pose a security risk as it does not synchronize with external Identity Providers (IdP) or Active Directory (AD). This can lead to inconsistencies and potential unauthorized access to resources. It is recommended to review and update user creation processes to ensure proper security protocols are in place.
diff --git a/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md b/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md index a0c0bfdc03d..caba7b248cd 100644 --- a/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md +++ b/docs/queries/terraform-queries/aws/41abc6cc-dde1-4217-83d3-fb5f0cc09d8f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_using_default_port) ### Description diff --git a/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md b/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md index 8b564c4d5b1..08a9d0cc811 100644 --- a/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md +++ b/docs/queries/terraform-queries/aws/42bb6b7f-6d54-4428-b707-666f669d94fb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_static_website_host_enabled) ### Description diff --git a/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md b/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md index a8754923d69..30163855622 100644 --- a/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md +++ b/docs/queries/terraform-queries/aws/42f4b905-3736-4213-bfe9-c0660518cda8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_has_public_access) ### Description diff --git a/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md b/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md index ecf4c561e5d..8e762530613 100644 --- a/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md +++ b/docs/queries/terraform-queries/aws/43a41523-386a-4cb1-becb-42af6b414433.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md b/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md index f3e7a63db7d..2980ef2d1a8 100644 --- a/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md +++ b/docs/queries/terraform-queries/aws/443488f5-c734-460b-a36d-5b3f330174dc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_data_contains_encoded_private_key) ### Description diff --git a/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md b/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md index 7d883b6d03d..2d956bf08cd 100644 --- a/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md +++ b/docs/queries/terraform-queries/aws/44ceb4fa-0897-4fd2-b676-30e7a58f2933.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_management_console_sign_in_without_mfa_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md b/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md index a5493c46d9f..30e6f3a6fac 100644 --- a/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md +++ b/docs/queries/terraform-queries/aws/45cff7b6-3b80-40c1-ba7b-2cf480678bb8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md b/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md index 5b5e4a5f5dc..6b072b12d13 100644 --- a/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md +++ b/docs/queries/terraform-queries/aws/46883ce1-dc3e-4b17-9195-c6a601624c73.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/default_security_groups_with_unrestricted_traffic) ### Description diff --git a/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md b/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md index 60cc7713a47..ca429ef1389 100644 --- a/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md +++ b/docs/queries/terraform-queries/aws/4728cd65-a20c-49da-8b31-9c08b423e4db.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unrestricted_security_group_ingress) ### Description diff --git a/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md b/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md index 3df31a66ced..4535f922493 100644 --- a/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md +++ b/docs/queries/terraform-queries/aws/4766d3ea-241c-4ee6-93ff-c380c996bd1a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_without_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md b/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md index 9d02efc0000..f3a1145011f 100644 --- a/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md +++ b/docs/queries/terraform-queries/aws/48207659-729f-4b5c-9402-f884257d794f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md b/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md index 92050854b8c..e3d409851a8 100644 --- a/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md +++ b/docs/queries/terraform-queries/aws/482b7d26-0bdb-4b5f-bf6f-545826c0a3dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 703 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_sns_topic_name_undefined) ### Description diff --git a/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md b/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md index a121cce2f59..77c09f576ac 100644 --- a/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md +++ b/docs/queries/terraform-queries/aws/4849211b-ac39-479e-ae78-5694d506cb24.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_groups_not_used) ### Description diff --git a/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md b/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md index 668749ca431..5a3ff3e3f84 100644 --- a/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md +++ b/docs/queries/terraform-queries/aws/4a800e14-c94a-442d-9067-5a2e9f6c0a4c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elb_using_weak_ciphers) ### Description diff --git a/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md b/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md index aa1f9b6d0c6..496d65cd19b 100644 --- a/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md +++ b/docs/queries/terraform-queries/aws/4bb76f17-3d63-4529-bdca-2b454529d774.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md b/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md index 6399fc57d26..d96d36a5fbf 100644 --- a/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md +++ b/docs/queries/terraform-queries/aws/4bc4dd4c-7d8d-405e-a0fb-57fa4c31b4d9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_policy_accepts_http_requests) ### Description diff --git a/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md b/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md index 3199e5cc400..e96a8fa4c27 100644 --- a/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md +++ b/docs/queries/terraform-queries/aws/4bd15dd9-8d5e-4008-8532-27eb0c3706d3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redis_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md b/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md index e05dd5c54f0..fef36db232c 100644 --- a/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md +++ b/docs/queries/terraform-queries/aws/4beaf898-9f8b-4237-89e2-5ffdc7ee6006.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_security_group_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md b/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md index 871145c3e49..ef0b9e33c97 100644 --- a/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md +++ b/docs/queries/terraform-queries/aws/4c18a45b-4ab1-4790-9f83-399ac695f1e5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_unauthorized_access_defined_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md b/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md index 2b223a84bf6..002c26433aa 100644 --- a/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md +++ b/docs/queries/terraform-queries/aws/4d46ff3b-7160-41d1-a310-71d6d370b08f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_task_definition_volume_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md b/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md index edceb7936cd..c81dbcd2666 100644 --- a/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md +++ b/docs/queries/terraform-queries/aws/4de9de27-254e-424f-bd70-4c1e95790838.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/launch_configuration_is_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md b/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md index 83cc18e56d2..b8dca491557 100644 --- a/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md +++ b/docs/queries/terraform-queries/aws/4e1cc5d3-2811-4fb2-861c-ee9b3cb7f90b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_security_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md b/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md index 04538894a05..fcd046fd075 100644 --- a/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md +++ b/docs/queries/terraform-queries/aws/4eb5f791-c861-4afd-9f94-f2a6a3fe49cb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/mq_broker_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md b/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md index 70caf031edc..a912fb65d91 100644 --- a/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md +++ b/docs/queries/terraform-queries/aws/4f615f3e-fb9c-4fad-8b70-2e9f781806ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_open_to_large_scope) ### Description diff --git a/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md b/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md index d1ce1c6ff5c..328608cf411 100644 --- a/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md +++ b/docs/queries/terraform-queries/aws/4fa66806-0dd9-4f8d-9480-3174d39c7c91.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_ignore_public_acl) ### Description diff --git a/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md b/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md index 52d1b538499..fd77781623b 100644 --- a/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md +++ b/docs/queries/terraform-queries/aws/52f04a44-6bfa-4c41-b1d3-4ae99a2de05c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_subnet_assigns_public_ip) ### Description diff --git a/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md b/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md index 699ea93e6ba..0f3092f7b07 100644 --- a/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md +++ b/docs/queries/terraform-queries/aws/52ffcfa6-6c70-4ea6-8376-d828d3961669.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_file_validation_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md b/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md index a62e4413c92..9d1eac6f43c 100644 --- a/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md +++ b/docs/queries/terraform-queries/aws/54229498-850b-4f78-b3a7-218d24ef2c37.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/elasticache) ### Description diff --git a/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md b/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md index 33e98358db8..81d142556a3 100644 --- a/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md +++ b/docs/queries/terraform-queries/aws/54378d69-dd7c-4b08-a43e-80d563396857.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_broker_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md b/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md index d278f36a6a7..f107c0cd895 100644 --- a/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md +++ b/docs/queries/terraform-queries/aws/54c417bf-c762-48b9-9d31-b3d87047e3f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sql_analysis_services_port_2383_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md b/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md index 4da1228302f..7c149720b9d 100644 --- a/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md +++ b/docs/queries/terraform-queries/aws/55af1353-2f62-4fa0-a8e1-a210ca2708f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_viewer_protocol_policy_allows_http) ### Description diff --git a/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md b/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md index b7240190bae..5c8fd78eeac 100644 --- a/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md +++ b/docs/queries/terraform-queries/aws/568a4d22-3517-44a6-a7ad-6a7eed88722c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_versioning) ### Description diff --git a/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md b/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md index 02dd5cf6733..12634a2e1b5 100644 --- a/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md +++ b/docs/queries/terraform-queries/aws/56a585f5-555c-48b2-8395-e64e4740a9cf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_disabling_or_scheduled_deletion_of_customer_created_cmk_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md b/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md index b074e552386..5b2c1adfe31 100644 --- a/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md +++ b/docs/queries/terraform-queries/aws/56f6a008-1b14-4af4-b9b2-ab7cf7e27641.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md b/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md index b9933c4fe94..97f4a770baf 100644 --- a/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md +++ b/docs/queries/terraform-queries/aws/571254d8-aa6a-432e-9725-535d3ef04d69.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode) ### Description diff --git a/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md b/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md index 06a108a76eb..9071d9478f1 100644 --- a/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md +++ b/docs/queries/terraform-queries/aws/575a2155-6af1-4026-b1af-d5bc8fe2a904.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policy_grants_full_permissions) ### Description diff --git a/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md b/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md index 4a8d1fdbde5..2c16fa7712c 100644 --- a/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md +++ b/docs/queries/terraform-queries/aws/57b9893d-33b1-4419-bcea-a717ea87e139.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_allows_read_to_any_authenticated_user) ### Description diff --git a/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md b/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md index e16f2bef783..a62aa5fd828 100644 --- a/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md +++ b/docs/queries/terraform-queries/aws/5813ef56-fa94-406a-b35d-977d4a56ff2b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_xray_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md b/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md index 8274583b37a..f86f9977e03 100644 --- a/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md +++ b/docs/queries/terraform-queries/aws/5864d189-ee9a-4009-ac0c-8a582e6b7919.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_management_console_auth_failed_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md b/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md index e91f27db5da..71f500a9416 100644 --- a/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md +++ b/docs/queries/terraform-queries/aws/58b35504-0287-4154-bf69-02c0573deab8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sagemaker_endpoint_configuration_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md b/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md index 5ef0c2d1452..b731d6cef21 100644 --- a/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md +++ b/docs/queries/terraform-queries/aws/590d878b-abdc-428f-895a-e2b68a0e1998.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unknown_port_exposed_to_internet) ### Description diff --git a/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md b/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md index 85a16e8ddfc..c2dddcb6c67 100644 --- a/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md +++ b/docs/queries/terraform-queries/aws/5a2486aa-facf-477d-a5c1-b010789459ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_has_public_ip) ### Description diff --git a/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md b/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md index 1c98a2d7960..2b955b0f497 100644 --- a/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md +++ b/docs/queries/terraform-queries/aws/5b4d4aee-ac94-4810-9611-833636e5916d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreateAccessKey) ### Description diff --git a/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md b/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md index 99ab0b06b9b..d385df00d8b 100644 --- a/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md +++ b/docs/queries/terraform-queries/aws/5b8d7527-de8e-4114-b9dd-9d988f1f418f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_aws_config_configuration_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md b/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md index 49626f1e339..92059be5133 100644 --- a/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md +++ b/docs/queries/terraform-queries/aws/5ba6229c-8057-433e-91d0-21cf13569ca9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/service_control_policies_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md b/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md index 7b5371f7cca..abb8660cdd4 100644 --- a/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md +++ b/docs/queries/terraform-queries/aws/5c0003fb-9aa0-42c1-9da3-eb0e332bef21.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secure_ciphers_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md b/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md index 7019760d25b..b095d82efdc 100644 --- a/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md +++ b/docs/queries/terraform-queries/aws/5c6dd5e7-1fe0-4cae-8f81-4c122717cef3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kinesis_sse_not_configured) ### Description diff --git a/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md b/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md index 2cfba63b9ff..feca5a9e427 100644 --- a/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md +++ b/docs/queries/terraform-queries/aws/5d89db57-8b51-4b38-bb76-b9bd42bd40f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_using_default_port) ### Description diff --git a/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md b/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md index f2b52cf4ddd..b8b4c02dcae 100644 --- a/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md +++ b/docs/queries/terraform-queries/aws/5d9e3164-9265-470c-9a10-57ae454ac0c7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_not_encrypted_with_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md b/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md index 42fb82ed845..c14f082499e 100644 --- a/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md +++ b/docs/queries/terraform-queries/aws/5ea624e4-c8b1-4bb3-87a4-4235a776adcc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_publicity_has_allow_and_not_action_simultaneously) ### Description diff --git a/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md b/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md index 0469fbec906..caccab037c4 100644 --- a/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md +++ b/docs/queries/terraform-queries/aws/5fb49a69-8d46-4495-a2f8-9c8c622b2b6e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_object_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md b/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md index 56b4f65e350..55344a7191f 100644 --- a/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md +++ b/docs/queries/terraform-queries/aws/60224630-175a-472a-9e23-133827040766.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_not_ebs_optimized) ### Description diff --git a/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md b/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md index 9d01d4b167e..17c1d424482 100644 --- a/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md +++ b/docs/queries/terraform-queries/aws/60263b4a-6801-4587-911d-919c37ed733b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md b/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md index 4661ad37851..00fa9e269b4 100644 --- a/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md +++ b/docs/queries/terraform-queries/aws/61cf9883-1752-4768-b18c-0d57f2737709.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_has_public_access_cidrs) ### Description diff --git a/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md b/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md index b5bc46b8137..ed6ab41f0a0 100644 --- a/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md +++ b/docs/queries/terraform-queries/aws/625abc0e-f980-4ac9-a775-f7519ee34296.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_deployment_without_access_log_setting) ### Description diff --git a/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md b/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md index 12fdf9f3829..83088d444e7 100644 --- a/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md +++ b/docs/queries/terraform-queries/aws/63ebcb19-2739-4d3f-aa5c-e8bbb9b85281.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_cluster_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md b/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md index c4aa0b3ab92..76f7e18e25e 100644 --- a/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md +++ b/docs/queries/terraform-queries/aws/64a222aa-7793-4e40-915f-4b302c76e4d4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_acl_grants_write_acp_permission) ### Description diff --git a/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md b/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md index 278ffd7aad6..284614c6fb0 100644 --- a/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md +++ b/docs/queries/terraform-queries/aws/656880aa-1388-488f-a6d4-8f73c23149b2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_database_cluster_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md b/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md index aa30eb02124..0e29671280c 100644 --- a/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md +++ b/docs/queries/terraform-queries/aws/65905cec-d691-4320-b320-2000436cb696.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_with_unrestricted_access_to_ssh) ### Description diff --git a/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md b/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md index bfed412d848..2d404d5c592 100644 --- a/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md +++ b/docs/queries/terraform-queries/aws/66c6f96f-2d9e-417e-a998-9058aeeecd44.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_list_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md b/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md index 8f11b3d6521..3fcd992623c 100644 --- a/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md +++ b/docs/queries/terraform-queries/aws/66cd88ac-9ddf-424a-b77e-e55e17630bee.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/batch_job_definition_with_privileged_container_properties) ### Description diff --git a/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md b/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md index b4a5a2a682f..d50d776bf7c 100644 --- a/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md +++ b/docs/queries/terraform-queries/aws/66f130d9-b81d-4e8e-9b08-da74b9c891df.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/missing_cluster_log_types) ### Description diff --git a/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md b/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md index e44f8f54912..44839f19fa7 100644 --- a/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md +++ b/docs/queries/terraform-queries/aws/671211c5-5d2a-4e97-8867-30fc28b02216.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_method_does_not_contains_an_api_key) ### Description diff --git a/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md b/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md index d47df30fa59..0716805a2aa 100644 --- a/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md +++ b/docs/queries/terraform-queries/aws/68eb4bf3-f9bf-463d-b5cf-e029bb446d2e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_rules_without_description) ### Description diff --git a/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md b/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md index a6caba7d534..f31ae81d286 100644 --- a/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md +++ b/docs/queries/terraform-queries/aws/69e7c320-b65d-41bb-be02-d63ecc0bcc9d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_without_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md b/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md index 3f65a56c100..5a28abb0f04 100644 --- a/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md +++ b/docs/queries/terraform-queries/aws/6b2739db-9c49-4db7-b980-7816e0c248c1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_endpoint_config_is_not_private) ### Description diff --git a/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md b/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md index 1b13a6c579e..bcdbc83d4a9 100644 --- a/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md +++ b/docs/queries/terraform-queries/aws/6b6874fe-4c2f-4eea-8b90-7cceaa4a125e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_network_gateways_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md b/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md index 2800d2e3aba..5d63f947603 100644 --- a/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md +++ b/docs/queries/terraform-queries/aws/6d23d87e-1c5b-4308-b224-92624300f29b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md b/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md index 5ac0f37aad5..33874613629 100644 --- a/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md +++ b/docs/queries/terraform-queries/aws/6db03a91-f933-4f13-ab38-a8b87a7de54d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_nodes_not_created_across_multi_az) ### Description diff --git a/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md b/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md index 7942ae6c681..235d54814ce 100644 --- a/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md +++ b/docs/queries/terraform-queries/aws/6db52fa6-d4da-4608-908a-89f0c59e743e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/msk_cluster_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md b/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md index d6ff419efab..85cb8f680b6 100644 --- a/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md +++ b/docs/queries/terraform-queries/aws/6deb34e2-5d9c-499a-801b-ea6d9eda894f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_UpdateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md b/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md index 1cacdb7fbf1..0a15e62598d 100644 --- a/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md +++ b/docs/queries/terraform-queries/aws/6e0e2f68-3fd9-4cd8-a5e4-e2213ef0df97.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 404 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_retention_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md b/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md index d81dec5cd1e..df65330ed18 100644 --- a/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md +++ b/docs/queries/terraform-queries/aws/6e3fd2ed-5c83-4c68-9679-7700d224d379.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_not_dropping_invalid_headers) ### Description diff --git a/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md b/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md index e6280de29a1..9001a6a31f2 100644 --- a/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md +++ b/docs/queries/terraform-queries/aws/6e8849c1-3aa7-40e3-9063-b85ee300f29f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_with_sse_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md b/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md index 3525dce739e..44f5f24c9d1 100644 --- a/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md +++ b/docs/queries/terraform-queries/aws/704dadd3-54fc-48ac-b6a0-02f170011473.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/guardduty_detector_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md b/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md index 5749a43ae75..c5a823abec8 100644 --- a/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md +++ b/docs/queries/terraform-queries/aws/7081f85c-b94d-40fd-8b45-a4f1cac75e46.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_access_key_is_exposed) ### Description diff --git a/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md b/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md index 39becb6bbac..1fee27261b1 100644 --- a/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md +++ b/docs/queries/terraform-queries/aws/70b42736-efee-4bce-80d5-50358ed94990.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md b/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md index aaf00dd69b8..138a71ba6d6 100644 --- a/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md +++ b/docs/queries/terraform-queries/aws/70cb518c-d990-46f6-bc05-44a5041493d6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md b/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md index 5b7f94a80e4..96faedf1742 100644 --- a/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md +++ b/docs/queries/terraform-queries/aws/730675f9-52ed-49b6-8ead-0acb5dd7df7f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_policy_with_public_access) ### Description diff --git a/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md b/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md index 0c6ad62b84a..f3e6ce2119f 100644 --- a/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md +++ b/docs/queries/terraform-queries/aws/7350fa23-dcf7-4938-916d-6a60b0c73b50.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cmk_is_unusable) ### Description diff --git a/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md b/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md index 00ba515f54a..02e8a758b5d 100644 --- a/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md +++ b/docs/queries/terraform-queries/aws/741f1291-47ac-4a85-a07b-3d32a9d6bd3e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_table_point_in_time_recovery_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md b/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md index c1ed67bbb51..beb8a969d61 100644 --- a/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md +++ b/docs/queries/terraform-queries/aws/75ec6890-83af-4bf1-9f16-e83726df0bd0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_permission_misconfigured) ### Description diff --git a/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md b/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md index 272883f4079..10301c38d0c 100644 --- a/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md +++ b/docs/queries/terraform-queries/aws/76976de7-c7b1-4f64-a94f-90c1345914c2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_replication_group_not_encrypted_at_rest) ### Description diff --git a/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md b/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md index 09850543603..f6cb69664aa 100644 --- a/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md +++ b/docs/queries/terraform-queries/aws/7782d4b3-e23e-432b-9742-d9528432e771.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_SetDefaultPolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md b/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md index 5774ed111be..77704cef74e 100644 --- a/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md +++ b/docs/queries/terraform-queries/aws/78f1ec6f-5659-41ea-bd48-d0a142dce4f2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole) ### Description diff --git a/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md b/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md index b5ca4c5c881..c29fc05f05b 100644 --- a/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md +++ b/docs/queries/terraform-queries/aws/7af2f4a3-00d9-47f3-8d15-ca0888f4e5b2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_encryption_with_kms_is_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md b/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md index d5cd08e523c..c0fe47c3e48 100644 --- a/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md +++ b/docs/queries/terraform-queries/aws/7af43613-6bb9-4a0e-8c4d-1314b799425e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_access_to_any_principal) ### Description diff --git a/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md b/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md index 7be2e986c5f..f5f53c6bda2 100644 --- a/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md +++ b/docs/queries/terraform-queries/aws/7c96920c-6fd0-449d-9a52-0aa431b6beaf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md b/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md index 6d9bc81835c..a3598b0e4f7 100644 --- a/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md +++ b/docs/queries/terraform-queries/aws/7d544dad-8a6c-431c-84c1-5f07fe9afc0e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md b/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md index 5472e831161..5edfddb67d4 100644 --- a/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md +++ b/docs/queries/terraform-queries/aws/7dbba512-e244-42dc-98bb-422339827967.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md b/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md index 9686df0cc0a..b70148b8128 100644 --- a/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md +++ b/docs/queries/terraform-queries/aws/7e4a6e76-568d-43ef-8c4e-36dea481bff1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_default_vpc) ### Description diff --git a/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md b/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md index fab2f682184..48cd425e87c 100644 --- a/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md +++ b/docs/queries/terraform-queries/aws/7ebc9038-0bde-479a-acc4-6ed7b6758899.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kms_key_with_full_permissions) ### Description diff --git a/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md b/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md index 56f7acd0944..9db46bb8ca4 100644 --- a/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md +++ b/docs/queries/terraform-queries/aws/8055dec2-efb8-4fe6-8837-d9bed6ff202a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_and_lambda_InvokeFunction) ### Description diff --git a/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md b/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md index ea0288bdfcb..9fcc8f1bee9 100644 --- a/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md +++ b/docs/queries/terraform-queries/aws/8152e0cf-d2f0-47ad-96d5-d003a76eabd1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_functions_without_x-ray_tracing) ### Description diff --git a/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md b/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md index e7fe6a6505b..43c356e87e5 100644 --- a/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md +++ b/docs/queries/terraform-queries/aws/816ea8cf-d589-442d-a917-2dd0ce0e45e3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_policy_allows_all_actions) ### Description diff --git a/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md b/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md index 63aca3005ed..c577b9dcc50 100644 --- a/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md +++ b/docs/queries/terraform-queries/aws/8173d5eb-96b5-4aa6-a71b-ecfa153c123d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_multi_region_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md b/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md index 88408879db6..204af1db6eb 100644 --- a/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md +++ b/docs/queries/terraform-queries/aws/846646e3-2af1-428c-ac5d-271eccfa6faf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreateAccessKey) ### Description diff --git a/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md b/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md index 5e06ccda69d..a9bd79bb675 100644 --- a/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md +++ b/docs/queries/terraform-queries/aws/862fe4bf-3eec-4767-a517-40f378886b88.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/kinesis_not_encrypted_with_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md b/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md index d9ead5e98b8..49426a9c8f7 100644 --- a/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md +++ b/docs/queries/terraform-queries/aws/86571149-eef3-4280-a645-01e60df854b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/ebs) ### Description diff --git a/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md b/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md index f451e2716b3..965d1688647 100644 --- a/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md +++ b/docs/queries/terraform-queries/aws/874d68a3-bfbe-4a4b-aaa0-9e74d7da634b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/certificate_rsa_key_bytes_lower_than_256) ### Description diff --git a/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md b/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md index 8c9f26a7415..6ae09280622 100644 --- a/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md +++ b/docs/queries/terraform-queries/aws/88fd05e0-ac0e-43d2-ba6d-fc0ba60ae1a6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_database_auth_not_enabled) ### Description diff --git a/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md b/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md index adab4882623..5261b002712 100644 --- a/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md +++ b/docs/queries/terraform-queries/aws/89561b03-cb35-44a9-a7e9-8356e71606f4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_ec2_RunInstances) ### Description diff --git a/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md b/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md index 21746eb0fb2..a7c71778043 100644 --- a/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md +++ b/docs/queries/terraform-queries/aws/89806cdc-9c2e-4bd1-a0dc-53f339bcfb2a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/password_without_reuse_prevention) ### Description diff --git a/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md b/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md index 911bbe7f38a..d9ad1709f59 100644 --- a/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md +++ b/docs/queries/terraform-queries/aws/8b1b1e67-6248-4dca-bbad-93486bb181c0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_root_account_use_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md b/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md index ae72706f275..711948541ed 100644 --- a/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md +++ b/docs/queries/terraform-queries/aws/8bbb242f-6e38-4127-86d4-d8f0b2687ae2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ami_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md b/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md index 1e114104471..82a1b95d6ec 100644 --- a/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md +++ b/docs/queries/terraform-queries/aws/8bfbf7ab-d5e8-4100-8618-798956e101e0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md b/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md index 6612ce21ed4..9fedbf7e367 100644 --- a/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md +++ b/docs/queries/terraform-queries/aws/8c849af7-a399-46f7-a34c-32d3dc96f1fc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_without_vpc) ### Description diff --git a/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md b/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md index 814a5303ecc..0ce2078f004 100644 --- a/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md +++ b/docs/queries/terraform-queries/aws/8d7f7b8c-6c7c-40f8-baa6-62006c6c7b56.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_without_logging) ### Description diff --git a/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md b/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md index aaa77c27057..1d6915a9002 100644 --- a/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md +++ b/docs/queries/terraform-queries/aws/8e94dced-9bcc-4203-8eb7-7e41202b2505.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/auto_scaling_group_with_no_associated_elb) ### Description diff --git a/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md b/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md index 60b7be50d26..181199af16f 100644 --- a/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md +++ b/docs/queries/terraform-queries/aws/8f3c16b3-354d-45db-8ad5-5066778a9485.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md b/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md index dd2045258c5..88f96152aff 100644 --- a/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md +++ b/docs/queries/terraform-queries/aws/8f75840d-9ee7-42f3-b203-b40e3979eb12.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md b/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md index e09f4e511d3..d98bb162a8e 100644 --- a/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md +++ b/docs/queries/terraform-queries/aws/8fdb08a0-a868-4fdf-9c27-ccab0237f1ab.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticache_redis_cluster_without_backup) ### Description diff --git a/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md b/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md index a75dacce4cf..392ab3f7c7d 100644 --- a/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md +++ b/docs/queries/terraform-queries/aws/91bea7b8-0c31-4863-adc9-93f6177266c4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_without_template) ### Description diff --git a/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md b/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md index 4348cd69ce3..b30e5587b92 100644 --- a/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md +++ b/docs/queries/terraform-queries/aws/91f16d09-689e-4926-aca7-155157f634ed.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_service_without_running_tasks) ### Description diff --git a/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md b/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md index 5da6e53bcf6..7fb8755da2c 100644 --- a/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md +++ b/docs/queries/terraform-queries/aws/92d65c51-5d82-4507-a2a1-d252e9706855.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 20 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/alicloud/ros_stack_without_template) ### Description diff --git a/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md b/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md index e7bad4684b5..93c58252cac 100644 --- a/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md +++ b/docs/queries/terraform-queries/aws/92fe237e-074c-4262-81a4-2077acb928c1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_wide_private_network) ### Description diff --git a/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md b/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md index 85461052fa0..66ed499e2f6 100644 --- a/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md +++ b/docs/queries/terraform-queries/aws/94690d79-b3b0-43de-b656-84ebef5753e5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudfront_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md b/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md index 532b6877948..6f11e609f93 100644 --- a/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md +++ b/docs/queries/terraform-queries/aws/94fbe150-27e3-4eba-9ca6-af32865e4503.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PassRole_and_glue_CreateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md b/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md index f39176a8d50..3c4f990865f 100644 --- a/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md +++ b/docs/queries/terraform-queries/aws/9630336b-3fed-4096-8173-b9afdfe346a7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 1021 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/unscanned_ecr_image) ### Description diff --git a/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md b/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md index ffc8e7cd894..2fd2462f6f6 100644 --- a/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md +++ b/docs/queries/terraform-queries/aws/967eb3e6-26fc-497d-8895-6428beb6e8e2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_domain_not_encrypted_node_to_node) ### Description diff --git a/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md b/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md index 92aeaa2901f..649b7ba8ca3 100644 --- a/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md +++ b/docs/queries/terraform-queries/aws/96e8183b-e985-457b-90cd-61c0503a3369.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/global_accelerator_flow_logs_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md b/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md index 70572ac6dbf..6b39925c23b 100644 --- a/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md +++ b/docs/queries/terraform-queries/aws/96ed3526-0179-4c73-b1b2-372fde2e0d13.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/default_vpc_exists) ### Description diff --git a/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md b/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md index 33445bfe4e2..7950f4a5b40 100644 --- a/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md +++ b/docs/queries/terraform-queries/aws/970d224d-b42a-416b-81f9-8f4dfe70c4bc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/root_account_has_active_access_keys) ### Description diff --git a/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md b/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md index ac5cad42399..84fe354937e 100644 --- a/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md +++ b/docs/queries/terraform-queries/aws/970ed7a2-0aca-4425-acf1-0453c9ecbca1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AddUserToGroup) ### Description diff --git a/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md b/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md index 416aa2d6884..246f715b00b 100644 --- a/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md +++ b/docs/queries/terraform-queries/aws/97cb0688-369a-4d26-b1f7-86c4c91231bc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_cluster_container_insights_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md b/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md index 96950c618e9..6ae0e3d7de5 100644 --- a/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md +++ b/docs/queries/terraform-queries/aws/982aa526-6970-4c59-8b9b-2ce7e019fe36.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_cloudwatch_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md b/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md index 3d13ad48a29..b4d1548dcaf 100644 --- a/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md +++ b/docs/queries/terraform-queries/aws/98a8f708-121b-455b-ae2f-da3fb59d17e1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_unsecured_cors_rule) ### Description diff --git a/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md b/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md index f4d46d0b514..f94b105cc72 100644 --- a/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md +++ b/docs/queries/terraform-queries/aws/98d59056-f745-4ef5-8613-32bca8d40b7e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_database_cluster_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md b/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md index f47796a0412..1485a973994 100644 --- a/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md +++ b/docs/queries/terraform-queries/aws/9a205ba3-0dd1-42eb-8d54-2ffec836b51a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md b/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md index 2dcbe9f92c6..80526abfe6f 100644 --- a/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md +++ b/docs/queries/terraform-queries/aws/9a4ef195-74b9-4c58-b8ed-2b2fe4353a75.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_default_security_group_accepts_all_traffic) ### Description diff --git a/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md b/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md index 7379dcd6db3..c67080e1e58 100644 --- a/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md +++ b/docs/queries/terraform-queries/aws/9b0ffadc-a61f-4c2a-b1e6-68fab60f6267.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack) ### Description diff --git a/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md b/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md index cb21877639d..637dc85ac92 100644 --- a/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md +++ b/docs/queries/terraform-queries/aws/9b877bd8-94b4-4c10-a060-8e0436cc09fa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md b/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md index 4a7c8cfd39c..383897a8e1d 100644 --- a/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md +++ b/docs/queries/terraform-queries/aws/9ba198e0-fef4-464a-8a4d-75ea55300de7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_cluster_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md b/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md index 82796695087..47fca9d1313 100644 --- a/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md +++ b/docs/queries/terraform-queries/aws/9d0d4512-1959-43a2-a17f-72360ff06d1b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_vpc_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md b/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md index fb8c5b46b86..08fb857344d 100644 --- a/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md +++ b/docs/queries/terraform-queries/aws/9ec311bf-dfd9-421f-8498-0b063c8bc552.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_with_access_to_console) ### Description diff --git a/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md b/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md index 3c2cee1ba1a..130b68802e9 100644 --- a/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md +++ b/docs/queries/terraform-queries/aws/9ef7d25d-9764-4224-9968-fa321c56ef76.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/aws_password_policy_with_unchangeable_passwords) ### Description diff --git a/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md b/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md index 347c11d783f..d8b79c8881b 100644 --- a/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md +++ b/docs/queries/terraform-queries/aws/9f40c07e-699e-4410-8856-3ba0f2e3a2dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ca_certificate_identifier_is_outdated) ### Description diff --git a/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md b/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md index fcb634eaa5d..7c6f2ab7a0e 100644 --- a/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md +++ b/docs/queries/terraform-queries/aws/9f4a9409-9c60-4671-be96-9716dbf63db1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecs_task_definition_network_mode_not_recommended) ### Description diff --git a/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md b/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md index bf85f4c5ad0..0b25846f8fa 100644 --- a/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md +++ b/docs/queries/terraform-queries/aws/a186e82c-1078-4a7b-85d8-579561fde884.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_without_waf) ### Description diff --git a/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md b/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md index 799a68994cb..14009c57648 100644 --- a/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md +++ b/docs/queries/terraform-queries/aws/a20be318-cac7-457b-911d-04cc6e812c25.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/network_acl_with_unrestricted_access_to_rdp) ### Description diff --git a/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md b/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md index e9d46f46788..48a9e1be391 100644 --- a/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md +++ b/docs/queries/terraform-queries/aws/a2f548f2-188c-4fff-b172-e9a6acb216bd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secretsmanager_secret_without_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md b/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md index b6225c6e6cc..41bcf2041d5 100644 --- a/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md +++ b/docs/queries/terraform-queries/aws/a31a5a29-718a-4ff4-8001-a69e5e4d029e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/instance_with_no_vpc) ### Description diff --git a/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md b/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md index f67f8520e92..14a52f10063 100644 --- a/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md +++ b/docs/queries/terraform-queries/aws/a4966c4f-9141-48b8-a564-ffe9959945bc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_with_all_permissions) ### Description diff --git a/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md b/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md index 30081bd347b..d37ba13fe69 100644 --- a/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md +++ b/docs/queries/terraform-queries/aws/a8fc2180-b3ac-4c93-bd0d-a55b974e4b07.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_object_level_cloudtrail_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md b/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md index d70e71a6c34..9d38bf6d3b1 100644 --- a/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md +++ b/docs/queries/terraform-queries/aws/abb06e5f-ef9a-4a99-98c6-376d396bfcdf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_queue_exposed) ### Description diff --git a/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md b/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md index 08f5eaa0c8c..3544de2b6d3 100644 --- a/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md +++ b/docs/queries/terraform-queries/aws/abdb29d4-5ca1-4e91-800b-b3569bbd788c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/config_rule_for_encrypted_volumes_is_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md b/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md index 0a686025683..87a38b229aa 100644 --- a/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md +++ b/docs/queries/terraform-queries/aws/ac5a0bc0-a54c-45aa-90c3-15f7703b9132.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/config_configuration_aggregator_to_all_regions_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md b/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md index ae88a5b60f4..2978808fc7f 100644 --- a/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md +++ b/docs/queries/terraform-queries/aws/acb6b4e2-a086-4f35-aefd-4db6ea51ada2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_logs_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md b/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md index 2713a2a4081..7752e65d793 100644 --- a/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md +++ b/docs/queries/terraform-queries/aws/ad296c0d-8131-4d6b-b030-1b0e73a99ad3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_UpdateLoginProfile) ### Description diff --git a/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md b/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md index 6dc4657f8c4..061a928bd0a 100644 --- a/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md +++ b/docs/queries/terraform-queries/aws/ad5b4e97-2850-4adf-be17-1d293e0b85ee.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_security_configuration_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md b/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md index 2233e08a9a9..11a66410f67 100644 --- a/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md +++ b/docs/queries/terraform-queries/aws/ad9dabc7-7839-4bae-a957-aa9120013f39.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md b/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md index 654dad00f2f..0e79be79d85 100644 --- a/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md +++ b/docs/queries/terraform-queries/aws/af173fde-95ea-4584-b904-bb3923ac4bda.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md b/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md index 29aeb866a32..99247c5ba78 100644 --- a/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md +++ b/docs/queries/terraform-queries/aws/afecd1f1-6378-4f7e-bb3b-60c35801fdd4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_deletion_protection_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md b/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md index 311b4962a12..58e8a99ee04 100644 --- a/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md +++ b/docs/queries/terraform-queries/aws/b0d3ef3f-845d-4b1b-83d6-63a5a380375f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secretsmanager_secret_encrypted_with_aws_managed_key) ### Description diff --git a/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md b/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md index 52b0c9f4b25..361d971d79b 100644 --- a/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md +++ b/docs/queries/terraform-queries/aws/b161c11b-a59b-4431-9a29-4e19f63e6b27.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rest_api_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md b/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md index cf7e6ebdb19..a15c8a5dd85 100644 --- a/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md +++ b/docs/queries/terraform-queries/aws/b1a72f66-2236-4f3b-87ba-0da1b366956f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_encrypted_with_aws_managed_key) ### Description diff --git a/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md b/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md index dd687e1249e..691018f6115 100644 --- a/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md +++ b/docs/queries/terraform-queries/aws/b1ffa705-19a3-4b73-b9d0-0c97d0663842.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_with_full_privileges) ### Description diff --git a/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md b/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md index 26b81a0c41e..8f56db35ae2 100644 --- a/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md +++ b/docs/queries/terraform-queries/aws/b2315cae-b110-4426-81e0-80bb8640cdd3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/athena_database_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md b/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md index 323f7d1e4f5..6d39926a43a 100644 --- a/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md +++ b/docs/queries/terraform-queries/aws/b26d2b7e-60f6-413d-a3a1-a57db24aa2b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sns_topic_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md b/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md index 2f7f847b4b7..ae37b718b27 100644 --- a/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md +++ b/docs/queries/terraform-queries/aws/b3a41501-f712-4c4f-81e5-db9a7dc0e34e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_peering_route_table_with_unrestricted_cidr) ### Description diff --git a/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md b/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md index a44d9e09db3..7777af28ed3 100644 --- a/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md +++ b/docs/queries/terraform-queries/aws/b3a59b8e-94a3-403e-b6e2-527abaf12034.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_deployment_without_api_gateway_usage_plan_associated) ### Description diff --git a/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md b/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md index 19b79502990..59991cb7b02 100644 --- a/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md +++ b/docs/queries/terraform-queries/aws/b4378389-a9aa-44ee-91e7-ef183f11079e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policies_attached_to_user) ### Description diff --git a/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md b/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md index 3304c95bf5a..e9b40f55419 100644 --- a/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md +++ b/docs/queries/terraform-queries/aws/b5681959-6c09-4f55-b42b-c40fa12d03ec.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_user_policy_without_mfa) ### Description diff --git a/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md b/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md index fb52de75174..bb43f9ce5c5 100644 --- a/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md +++ b/docs/queries/terraform-queries/aws/b592ffd4-0577-44b6-bd35-8c5ee81b5918.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/no_password_policy_enabled) ### Description diff --git a/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md b/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md index c2f7b0b9cc9..f65ee0fda1e 100644 --- a/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md +++ b/docs/queries/terraform-queries/aws/b69247e5-7e73-464e-ba74-ec9b715c6e12.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode) ### Description diff --git a/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md b/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md index de4cdb60b08..edfac4354db 100644 --- a/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md +++ b/docs/queries/terraform-queries/aws/b72d0026-f649-4c91-a9ea-15d8f681ac09.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/stack_notifications_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md b/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md index 43c6ac7aa86..ad64ecf50e6 100644 --- a/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md +++ b/docs/queries/terraform-queries/aws/b7c9a40c-23e4-4a2d-8d39-a3352f10f288.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_method_settings_cache_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md b/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md index 708cb98615c..c63ad3431d6 100644 --- a/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md +++ b/docs/queries/terraform-queries/aws/b8a31292-509d-4b61-bc40-13b167db7e9c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AddUserToGroup) ### Description diff --git a/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md b/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md index 3a65f3dfa94..be67c211443 100644 --- a/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md +++ b/docs/queries/terraform-queries/aws/b9033580-6886-401a-8631-5f19f5bb24c7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/workspaces_workspace_volume_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md b/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md index 8cc376c27cf..7c3803945de 100644 --- a/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md +++ b/docs/queries/terraform-queries/aws/ba40ace1-a047-483c-8a8d-bc2d3a67a82d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/eks_node_group_remote_access_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md b/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md index c5084130353..e3dfd3fcb70 100644 --- a/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md +++ b/docs/queries/terraform-queries/aws/ba48df05-eaa1-4d64-905e-4a4b051e7587.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/autoscaling_groups_supply_tags) ### Description diff --git a/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md b/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md index f938e58b0e9..9495c78b22e 100644 --- a/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md +++ b/docs/queries/terraform-queries/aws/ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ami_shared_with_multiple_accounts) ### Description diff --git a/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md b/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md index f4d21385881..331af6730a8 100644 --- a/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md +++ b/docs/queries/terraform-queries/aws/baecd2da-492a-4d59-b9dc-29540a1398e0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/sqs) ### Description diff --git a/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md b/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md index 4f5d9c45ce7..cf74315d180 100644 --- a/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md +++ b/docs/queries/terraform-queries/aws/bbe3dd3d-fea9-4b68-a785-cfabe2bbbc54.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/policy_without_principal) ### Description diff --git a/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md b/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md index 428d8ff704d..8a2ccf5c46b 100644 --- a/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md +++ b/docs/queries/terraform-queries/aws/bc1f9009-84a0-490f-ae09-3e0ea6d74ad6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/docdb_cluster_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md b/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md index 67da07978c4..97cd661c71d 100644 --- a/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md +++ b/docs/queries/terraform-queries/aws/bca7cc4d-b3a4-4345-9461-eb69c68fcd26.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_using_default_port) ### Description diff --git a/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md b/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md index 75cb0f64a10..eaec770629e 100644 --- a/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md +++ b/docs/queries/terraform-queries/aws/bcdcbdc6-a350-4855-ae7c-d1e6436f7c97.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_policy_grants_assumerole_permission_across_all_services) ### Description diff --git a/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md b/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md index e9a4e41279d..1fa76c303af 100644 --- a/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md +++ b/docs/queries/terraform-queries/aws/bd0088a5-c133-4b20-b129-ec9968b16ef3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_s3_bucket_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md b/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md index 906170d084f..ec6cfa1472e 100644 --- a/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md +++ b/docs/queries/terraform-queries/aws/be2aa235-bd93-4b68-978a-1cc65d49082f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_cloudformation_CreateStack) ### Description diff --git a/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md b/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md index cedf5127cdc..86c634e4fb2 100644 --- a/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md +++ b/docs/queries/terraform-queries/aws/bf878b1a-7418-4de3-b13c-3a86cf894920.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_public_acl_overridden_by_public_access_block) ### Description diff --git a/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md b/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md index 6c9e8d53bf2..f1583113546 100644 --- a/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md +++ b/docs/queries/terraform-queries/aws/bf9d42c7-c2f9-4dfe-942c-c8cc8249a081.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AddUserToGroup) ### Description diff --git a/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md b/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md index cc1dbc7e4a2..5b70f62eec4 100644 --- a/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md +++ b/docs/queries/terraform-queries/aws/c0c1e744-0f37-445e-924a-1846f0839f69.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md b/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md index 7744c395901..dd0b5f16e3f 100644 --- a/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md +++ b/docs/queries/terraform-queries/aws/c3831315-5ae6-4fa8-b458-3d4d5ab7a3f6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 298 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/certificate_has_expired) ### Description diff --git a/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md b/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md index e6f6539292d..d2ffa0f2348 100644 --- a/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md +++ b/docs/queries/terraform-queries/aws/c53c7a89-f9d7-4c7b-8b66-8a555be99593.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/public_and_private_ec2_share_role) ### Description diff --git a/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md b/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md index d1f5c4da14d..484f0ddb4d4 100644 --- a/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md +++ b/docs/queries/terraform-queries/aws/c583f0f9-7dfd-476b-a056-f47c62b47b46.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_lambda_UpdateFunctionCode) ### Description diff --git a/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md b/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md index 660b6da3403..364cb52b22b 100644 --- a/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md +++ b/docs/queries/terraform-queries/aws/c5b31ab9-0f26-4a49-b8aa-4cc064392f4d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_without_enabled_mfa_delete) ### Description diff --git a/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md b/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md index 68a38b25ddc..ce24d345d18 100644 --- a/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md +++ b/docs/queries/terraform-queries/aws/c91d7ea0-d4d1-403b-8fe1-c9961ac082c5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/neptune_cluster_with_iam_database_authentication_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md b/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md index 077ebd9070a..50f7f7253ae 100644 --- a/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md +++ b/docs/queries/terraform-queries/aws/c999cf62-0920-40f8-8dda-0caccd66ed7e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_stage_without_api_gateway_usage_plan_associated) ### Description diff --git a/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md b/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md index f36263b5a6e..cd8a4aa9d68 100644 --- a/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md +++ b/docs/queries/terraform-queries/aws/cb3f5ed6-0d18-40de-a93d-b3538db31e8c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/security_group_without_description) ### Description diff --git a/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md b/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md index 660611147d8..fa15f4f78bc 100644 --- a/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md +++ b/docs/queries/terraform-queries/aws/cc997676-481b-4e93-aa81-d19f8c5e9b12.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_volume_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md b/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md index b322f94b17d..134ce7222c0 100644 --- a/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md +++ b/docs/queries/terraform-queries/aws/ce089fd4-1406-47bd-8aad-c259772bb294.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dynamodb_table_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md b/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md index fef9ace76d9..4d2242240a6 100644 --- a/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md +++ b/docs/queries/terraform-queries/aws/ce60cc6b-6831-4bd7-84a2-cc7f8ee71433.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ssm_session_transit_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md b/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md index 1c6f1645739..07063c348ed 100644 --- a/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md +++ b/docs/queries/terraform-queries/aws/ce60d060-efb8-4bfd-9cf7-ff8945d00d90.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/misconfigured_password_policy_expiration) ### Description diff --git a/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md b/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md index a11d315fa7c..f56d7653184 100644 --- a/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md +++ b/docs/queries/terraform-queries/aws/ce9dfce0-5fc8-433b-944a-3b16153111a8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 613 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sso_permission_with_inadequate_user_session_duration) ### Description diff --git a/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md b/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md index 51bb151ef29..9e18197ca57 100644 --- a/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md +++ b/docs/queries/terraform-queries/aws/cfdcabb0-fc06-427c-865b-c59f13e898ce.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/redshift_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md b/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md index 8a96abcd0e7..29c9e09663f 100644 --- a/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md +++ b/docs/queries/terraform-queries/aws/d0cc8694-fcad-43ff-ac86-32331d7e867f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_public_acl) ### Description diff --git a/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md b/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md index b4e36b69f23..5c54bd39bbc 100644 --- a/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md +++ b/docs/queries/terraform-queries/aws/d1846b12-20c5-4d45-8798-fc35b79268eb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_image_tag_not_immutable) ### Description diff --git a/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md b/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md index ba4ae599f53..8619ab4699f 100644 --- a/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md +++ b/docs/queries/terraform-queries/aws/d24c0755-c028-44b1-b503-8e719c898832.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_put_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md b/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md index 012a17dca5c..70028ca4688 100644 --- a/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md +++ b/docs/queries/terraform-queries/aws/d25edb51-07fb-4a73-97d4-41cecdc53a22.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/glue_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md b/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md index 623bc9adb4b..68201d9c561 100644 --- a/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md +++ b/docs/queries/terraform-queries/aws/d364984a-a222-4b5f-a8b0-e23ab19ebff3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/athena_workgroup_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md b/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md index 5e977f2f578..73d75f552f8 100644 --- a/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md +++ b/docs/queries/terraform-queries/aws/d6047119-a0b2-4b59-a4f2-127a36fb685b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md b/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md index ea3329a9483..26c2e2904d1 100644 --- a/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md +++ b/docs/queries/terraform-queries/aws/d7b9d850-3e06-4a75-852f-c46c2e92240b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 798 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/hardcoded_aws_access_key) ### Description diff --git a/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md b/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md index 19d1e324a39..7276df20264 100644 --- a/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md +++ b/docs/queries/terraform-queries/aws/db0ec4c4-852c-46a2-b4f3-7ec13cdb12a8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_logs_destination_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md b/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md index e0196b65119..2f92f0bdd02 100644 --- a/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md +++ b/docs/queries/terraform-queries/aws/db78d14b-10e5-4e6e-84b1-dace6327b1ec.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_AttachUserPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md b/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md index 32687c118b8..a003f8a5f30 100644 --- a/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md +++ b/docs/queries/terraform-queries/aws/de7f5e83-da88-4046-871f-ea18504b1d43.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/alb_listening_on_http) ### Description diff --git a/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md b/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md index 67a85cab580..26301cbe955 100644 --- a/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md +++ b/docs/queries/terraform-queries/aws/e08ed7eb-f3ef-494d-9d22-2e3db756a347.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/lambda_permission_principal_is_wildcard) ### Description diff --git a/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md b/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md index c353fb8240d..6e19d4180d9 100644 --- a/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md +++ b/docs/queries/terraform-queries/aws/e227091e-2228-4b40-b046-fc13650d8e88.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_AttachRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md b/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md index dfef318d1f5..8333f778bad 100644 --- a/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md +++ b/docs/queries/terraform-queries/aws/e35c16a2-d54e-419d-8546-a804d8e024d0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sensitive_port_is_exposed_to_small_public_network) ### Description diff --git a/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md b/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md index fd80afae1f6..5647dae7a5b 100644 --- a/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md +++ b/docs/queries/terraform-queries/aws/e38a8e0a-b88b-4902-b3fe-b0fcb17d5c10.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/resource_not_using_tags) ### Description diff --git a/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md b/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md index 3c7501ea288..145691c5131 100644 --- a/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md +++ b/docs/queries/terraform-queries/aws/e39bee8c-fe54-4a3f-824d-e5e2d1cca40a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_role_policy_passrole_allows_all) ### Description diff --git a/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md b/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md index 9a438db018c..b6dfe0ff219 100644 --- a/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md +++ b/docs/queries/terraform-queries/aws/e542bd46-58c4-4e0f-a52a-1fb4f9548e02.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/rds_cluster_with_backup_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md b/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md index fd0397b8fd0..8736de84462 100644 --- a/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md +++ b/docs/queries/terraform-queries/aws/e592a0c5-5bdb-414c-9066-5dba7cdea370.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_access_analyzer_not_enabled) ### Description diff --git a/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md b/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md index 8ccc1a62f33..e576ddccbca 100644 --- a/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md +++ b/docs/queries/terraform-queries/aws/e6b4b943-6883-47a9-9739-7ada9568f8ca.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ebs_volume_snapshot_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md b/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md index 9a8715f3702..b092cfea338 100644 --- a/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md +++ b/docs/queries/terraform-queries/aws/e7530c3c-b7cf-4149-8db9-d037a0b5268e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_without_iam_authentication) ### Description diff --git a/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md b/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md index 37672175eda..77e33e2eee9 100644 --- a/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md +++ b/docs/queries/terraform-queries/aws/e77c89f6-9c85-49ea-b95b-5f960fe5be92.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_PutGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md b/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md index fa7c7389fd6..e0bedc754a7 100644 --- a/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md +++ b/docs/queries/terraform-queries/aws/e86e26fc-489e-44f0-9bcd-97305e4ba69a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ecr_repository_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md b/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md index 7d9ec966d17..dcc522024c6 100644 --- a/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md +++ b/docs/queries/terraform-queries/aws/e979fcbc-df6c-422d-9458-c33d65e71c45.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/elasticsearch_without_slow_logs) ### Description diff --git a/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md b/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md index 3bdb0ecbf8f..31f4ea7b23e 100644 --- a/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md +++ b/docs/queries/terraform-queries/aws/e9b7acf9-9ba0-4837-a744-31e7df1e434d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sqs_vpc_endpoint_without_dns_resolution) ### Description diff --git a/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md b/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md index e27318166d0..52315e1ee53 100644 --- a/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md +++ b/docs/queries/terraform-queries/aws/eaaba502-2f94-411a-a3c2-83d63cc1776d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_iam_policy_changes_alarm_missing) ### Description diff --git a/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md b/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md index 49ba8161245..49d40656f5c 100644 --- a/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md +++ b/docs/queries/terraform-queries/aws/eb64f1e9-f67d-4e35-8a3c-3d6a2f9efea7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PutRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md b/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md index ded23abbe39..9f2200a1e56 100644 --- a/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md +++ b/docs/queries/terraform-queries/aws/ec28bf61-a474-4dbe-b414-6dd3a067d6f0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cognito_userpool_without_mfa) ### Description diff --git a/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md b/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md index 863b75abfcf..99d2eb87380 100644 --- a/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md +++ b/docs/queries/terraform-queries/aws/ec49cbfd-fae4-45f3-81b1-860526d66e3f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/group_with_privilege_escalation_by_actions_iam_CreatePolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md b/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md index f68b725cfe9..d4efd2f7df1 100644 --- a/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md +++ b/docs/queries/terraform-queries/aws/eccc4d59-74b9-4974-86f1-74386e0c7f33.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/sns) ### Description diff --git a/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md b/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md index b9605643a72..6403d6a0efb 100644 --- a/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md +++ b/docs/queries/terraform-queries/aws/ed35928e-195c-4405-a252-98ccb664ab7b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/api_gateway_with_invalid_compression) ### Description diff --git a/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md b/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md index 5bf8dec56eb..d4fd71251e8 100644 --- a/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md +++ b/docs/queries/terraform-queries/aws/eda48c88-2b7d-4e34-b6ca-04c0194aee17.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_glue_UpdateDevEndpoint) ### Description diff --git a/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md b/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md index 393f988bcb9..dbe195d9966 100644 --- a/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md +++ b/docs/queries/terraform-queries/aws/ee49557d-750c-4cc1-aa95-94ab36cbefde.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_CreatePolicyVersion) ### Description diff --git a/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md b/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md index 8648d60b39b..b0b18845db3 100644 --- a/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md +++ b/docs/queries/terraform-queries/aws/ee9e50e8-b2ed-4176-ad42-8fc0cf7593f4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudtrail_log_files_s3_bucket_with_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md b/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md index 28e7251e10d..95b18d067c2 100644 --- a/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md +++ b/docs/queries/terraform-queries/aws/eeb4d37a-3c59-4789-a00c-1509bc3af1e5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/user_with_privilege_escalation_by_actions_iam_PutRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md b/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md index 1126aa66cc0..a92af1b7ddc 100644 --- a/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md +++ b/docs/queries/terraform-queries/aws/ef0b316a-211e-42f1-888e-64efe172b755.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/cloudwatch_without_retention_period_specified) ### Description diff --git a/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md b/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md index e86fac2bc7a..1a1e30d8c82 100644 --- a/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md +++ b/docs/queries/terraform-queries/aws/f0d8781f-99bf-4958-9917-d39283b168a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/db_security_group_has_public_interface) ### Description diff --git a/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md b/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md index 717f2274786..160c35d68dc 100644 --- a/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md +++ b/docs/queries/terraform-queries/aws/f1173d8c-3264-4148-9fdb-61181e031b51.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_UpdateAssumeRolePolicy_and_sts_AssumeRole) ### Description diff --git a/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md b/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md index f3291cf60f3..c1eff5f9010 100644 --- a/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md +++ b/docs/queries/terraform-queries/aws/f11aec39-858f-4b6f-b946-0a1bf46c0c87.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/dax_cluster_not_encrypted) ### Description diff --git a/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md b/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md index 642c94da9fd..cc2c11e7d0f 100644 --- a/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md +++ b/docs/queries/terraform-queries/aws/f1adc521-f79a-4d71-b55b-a68294687432.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/ec2_instance_using_default_security_group) ### Description diff --git a/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md b/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md index 6718a3adc56..4ae7890625a 100644 --- a/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md +++ b/docs/queries/terraform-queries/aws/f3674e0c-f6be-43fa-b71c-bf346d1aed99.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/sagemaker_notebook_instance_without_kms) ### Description diff --git a/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md b/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md index 8fe2cd8e71f..b05351e1526 100644 --- a/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md +++ b/docs/queries/terraform-queries/aws/f465fff1-0a0f-457d-aa4d-1bddb6f204ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachRolePolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md b/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md index 625fc0dfeea..452787368a6 100644 --- a/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md +++ b/docs/queries/terraform-queries/aws/f53f16d6-46a9-4277-9fbe-617b1e24cdca.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/efs) ### Description diff --git a/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md b/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md index 5314b963f86..aef8d842ffb 100644 --- a/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md +++ b/docs/queries/terraform-queries/aws/f83121ea-03da-434f-9277-9cd247ab3047.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_flowlogs_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md b/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md index c053118ea26..147effb0848 100644 --- a/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md +++ b/docs/queries/terraform-queries/aws/f861041c-8c9f-4156-acfc-5e6e524f5884.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md b/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md index 5af3b455132..7ec008311a3 100644 --- a/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md +++ b/docs/queries/terraform-queries/aws/f906113d-cdc0-415a-ba60-609cc6daaf4d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_AttachGroupPolicy) ### Description diff --git a/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md b/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md index eb8f5181674..b1f55c068e5 100644 --- a/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md +++ b/docs/queries/terraform-queries/aws/fa00ce45-386d-4718-8392-fb485e1f3c5b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/secrets_manager_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md b/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md index be85024700c..154f69ec222 100644 --- a/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md +++ b/docs/queries/terraform-queries/aws/fa62ac4f-f5b9-45b9-97c1-625c8b6253ca.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/role_with_privilege_escalation_by_actions_iam_PassRole_and_lambda_CreateFunction_lambda_InvokeFunction) ### Description diff --git a/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md b/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md index 337169a160f..56fc1440429 100644 --- a/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md +++ b/docs/queries/terraform-queries/aws/fae52418-bb8b-4ac2-b287-0b9082d6a3fd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 155 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/efs_with_vulnerable_policy) ### Description diff --git a/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md b/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md index 5fbd253dd5e..aeaec0e7409 100644 --- a/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md +++ b/docs/queries/terraform-queries/aws/fc101ca7-c9dd-4198-a1eb-0fbe92e80044.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/iam_group_without_users) ### Description diff --git a/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md b/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md index 44226ef78a9..5aaa3c19461 100644 --- a/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md +++ b/docs/queries/terraform-queries/aws/fcb1b388-f558-4b7f-9b6e-f4e98abb7380.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws_bom/mq) ### Description diff --git a/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md b/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md index 97c23148221..e822265fbb8 100644 --- a/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md +++ b/docs/queries/terraform-queries/aws/fd632aaf-b8a1-424d-a4d1-0de22fd3247a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/vpc_without_network_firewall) ### Description diff --git a/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md b/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md index e1d269b2054..a7c1f762287 100644 --- a/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md +++ b/docs/queries/terraform-queries/aws/ffac8a12-322e-42c1-b9b9-81ff85c39ef7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/http_port_open) ### Description diff --git a/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md b/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md index 555c39a270d..161d757ed16 100644 --- a/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md +++ b/docs/queries/terraform-queries/aws/ffdf4b37-7703-4dfe-a682-9d2e99bc6c09.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/aws/s3_bucket_allows_delete_action_from_all_principals) ### Description diff --git a/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md b/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md index 731377e687c..8fe13ce06c8 100644 --- a/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md +++ b/docs/queries/terraform-queries/azure/0437633b-daa6-4bbc-8526-c0d2443b946e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ssl_enforce_is_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md b/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md index bbe134f9971..863122429e6 100644 --- a/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md +++ b/docs/queries/terraform-queries/azure/07f7134f-9f37-476e-8664-670c218e4702.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_log_disconnections_not_set) ### Description diff --git a/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md b/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md index 261eb559988..c6cce1917a3 100644 --- a/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md +++ b/docs/queries/terraform-queries/azure/0a70d5f3-1ecd-4c8e-9292-928fc9a8c4f1.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mariadb_server_georedundant_backup_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md b/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md index d343370436b..bccaadaa949 100644 --- a/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md +++ b/docs/queries/terraform-queries/azure/11e9a948-c6c3-4a0f-8dcf-b5cf1763cdbe.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/web_app_accepting_traffic_other_than_https) ### Description diff --git a/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md b/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md index f70fc07c885..503d8c43fe1 100644 --- a/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md +++ b/docs/queries/terraform-queries/azure/12944ec4-1fa0-47be-8b17-42a034f937c2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_account_not_forcing_https) ### Description diff --git a/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md b/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md index f3341e30d63..f38091917e3 100644 --- a/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md +++ b/docs/queries/terraform-queries/azure/16e0879a-c4ae-4ff8-a67d-a2eed5d67b8f.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_duration_not_set) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_log_duration_not_set) ### Description Make sure that for PostgreSQL Database, server parameter 'log_duration' is set to 'ON'
diff --git a/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md b/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md index 0dcfb234704..b08a0a82ccc 100644 --- a/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md +++ b/docs/queries/terraform-queries/azure/17f75827-0684-48f4-8747-61129c7e4198.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/public_storage_account) ### Description diff --git a/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md b/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md index eae7180805a..1dc94202fb2 100644 --- a/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md +++ b/docs/queries/terraform-queries/azure/25c0ea09-f1c5-4380-b055-3b83863f2bb8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_ingress_from_any_ip) ### Description diff --git a/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md b/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md index bc07aa4ee40..ba4b16e956e 100644 --- a/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md +++ b/docs/queries/terraform-queries/azure/261a83f8-dd72-4e8c-b5e1-ebf06e8fe606.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_postgresql_db_server_log_retention_period) ### Description diff --git a/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md b/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md index 7fbd76f2dfd..c6bf6a6ad22 100644 --- a/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md +++ b/docs/queries/terraform-queries/azure/2ab6de9a-0136-415c-be92-79d2e4fd750f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_predictable_admin_account_name) ### Description diff --git a/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md b/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md index aebacba6a6d..01a9b03162b 100644 --- a/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md +++ b/docs/queries/terraform-queries/azure/2b3c671f-1b76-4741-8789-ed1fe0785dc4.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_server_without_connection_throttling) +- **CWE:** 770 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_server_without_connection_throttling) ### Description Ensure that Connection Throttling is set for the PostgreSQL server
diff --git a/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md b/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md index fa353fd6257..1f97e885b9a 100644 --- a/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md +++ b/docs/queries/terraform-queries/azure/2b856bf9-8e8c-4005-875f-303a8cba3918.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_activity_log_retention_period) ### Description diff --git a/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md b/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md index 7be50b43b66..dfe4202efa9 100644 --- a/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md +++ b/docs/queries/terraform-queries/azure/2e48d91c-50e4-45c8-9312-27b625868a72.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/waf_is_disabled_for_azure_application_gateway) ### Description diff --git a/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md b/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md index 88cbd7fce88..1097e00b5aa 100644 --- a/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md +++ b/docs/queries/terraform-queries/azure/34664094-59e0-4524-b69f-deaa1a68cce3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_contact_email) ### Description diff --git a/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md b/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md index cfb6fe659e8..279ba2d9379 100644 --- a/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md +++ b/docs/queries/terraform-queries/azure/3790d386-be81-4dcf-9850-eaa7df6c10d9.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_checkpoints_disabled) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_log_checkpoints_disabled) ### Description Make sure that for Postgre SQL Database Server, parameter 'log_checkpoints' is set to 'ON'
diff --git a/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md b/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md index 126f712661e..4236c8e784c 100644 --- a/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md +++ b/docs/queries/terraform-queries/azure/38c71c00-c177-4cd7-8d36-cd1007cdb190.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/vault_auditing_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md b/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md index 9d6d372d3b4..5f3fcf66db7 100644 --- a/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md +++ b/docs/queries/terraform-queries/azure/3ac3e75c-6374-4a32-8ba0-6ed69bda404e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_table_allows_all_acl_permissions) ### Description diff --git a/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md b/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md index 501f969125b..cff4f53f47c 100644 --- a/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md +++ b/docs/queries/terraform-queries/azure/3e3c175e-aadf-4e2b-a464-3fdac5748d24.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ssh_is_exposed_to_the_internet) ### Description diff --git a/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md b/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md index fdb4ed3b8c1..b0dd0f29813 100644 --- a/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md +++ b/docs/queries/terraform-queries/azure/3fa5900f-9aac-4982-96b2-a6143d9c99fb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/role_definition_allows_custom_role_creation) ### Description diff --git a/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md b/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md index 95cffd9385b..87e18d6752e 100644 --- a/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md +++ b/docs/queries/terraform-queries/azure/4216ebac-d74c-4423-b437-35025cb88af5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_interfaces_ip_forwarding_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md b/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md index eaa19ac38ab..ddb2fadb4cb 100644 --- a/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md +++ b/docs/queries/terraform-queries/azure/43789711-161b-4708-b5bb-9d1c626f7492.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_uses_azure_policies_addon_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md b/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md index baa31272705..7c2f0b1dcf0 100644 --- a/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md +++ b/docs/queries/terraform-queries/azure/45fc717a-bd86-415c-bdd8-677901be1aa6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_not_using_latest_tls_encryption_version) ### Description diff --git a/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md b/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md index c674b29105a..b5568abcd96 100644 --- a/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md +++ b/docs/queries/terraform-queries/azure/48bbe0fd-57e4-4678-a4a1-119e79c90fc3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_share_file_allows_all_acl_permissions) ### Description diff --git a/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md b/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md index 7b4fce3a85b..d7f4d2e456a 100644 --- a/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md +++ b/docs/queries/terraform-queries/azure/4a9e0f00-0765-4f72-a0d4-d31110b78279.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_cognitive_search_public_network_access_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md b/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md index 12cd4ebf4dd..c54a47ec197 100644 --- a/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md +++ b/docs/queries/terraform-queries/azure/4d080822-5ee2-49a4-8984-68f3d4c890fc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/key_expiration_not_set) ### Description diff --git a/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md b/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md index 5fb47c793ed..17748266549 100644 --- a/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md +++ b/docs/queries/terraform-queries/azure/5089d055-53ff-421b-9482-a5267bdce629.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md b/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md index b77b2487e30..12dc130c079 100644 --- a/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md +++ b/docs/queries/terraform-queries/azure/525b53be-62ed-4244-b4df-41aecfcb4071.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_http2_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md b/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md index 690336e95e7..3c165272a29 100644 --- a/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md +++ b/docs/queries/terraform-queries/azure/5400f379-a347-4bdd-a032-446465fdcc6f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/trusted_microsoft_services_not_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md b/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md index 2e576ffc97b..18a70f6205b 100644 --- a/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md +++ b/docs/queries/terraform-queries/azure/55975007-f6e7-4134-83c3-298f1fe4b519.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_alert_email_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md b/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md index ac0a2a86845..4025e05eea2 100644 --- a/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md +++ b/docs/queries/terraform-queries/azure/56dad03e-e94f-4dd6-93a4-c253a03ff7a0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/cosmos_db_account_without_tags) ### Description diff --git a/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md b/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md index 2286a3ed010..d2557be3be0 100644 --- a/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md +++ b/docs/queries/terraform-queries/azure/594c198b-4d79-41b8-9b36-fde13348b619.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_entire_network) ### Description diff --git a/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md b/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md index 3ea9a7e3b04..b9bd28f48ef 100644 --- a/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md +++ b/docs/queries/terraform-queries/azure/599318f2-6653-4569-9e21-041d06c63a89.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_private_cluster_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md b/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md index 57a8bc79902..aa0cb6e0c05 100644 --- a/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md +++ b/docs/queries/terraform-queries/azure/59acb56b-2b10-4c2c-ba38-f2223c3f5cfc.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_msql_server_audit_retention) ### Description diff --git a/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md b/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md index ab855e45ee4..5a396dcdcfa 100644 --- a/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md +++ b/docs/queries/terraform-queries/azure/5c822443-e1ea-46b8-84eb-758ec602e844.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_group_is_not_configured) ### Description diff --git a/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md b/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md index d64b939f91e..e7fbd0b78ba 100644 --- a/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md +++ b/docs/queries/terraform-queries/azure/609839ae-bd81-4375-9910-5bce72ae7b92.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mssql_server_auditing_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md b/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md index d1a94b098a9..cf9e6813f9e 100644 --- a/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md +++ b/docs/queries/terraform-queries/azure/61c3cb8b-0715-47e4-b788-86dde40dd2db.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/dashboard_is_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md b/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md index fe59ff4f128..6babede0336 100644 --- a/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md +++ b/docs/queries/terraform-queries/azure/6425c98b-ca4e-41fe-896a-c78772c131f8.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_server_infrastructure_encryption_disabled) +- **CWE:** 311 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_server_infrastructure_encryption_disabled) ### Description PostgreSQL Server Infrastructure Encryption should be enabled
diff --git a/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md b/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md index cd95a85961f..421952057d5 100644 --- a/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md +++ b/docs/queries/terraform-queries/azure/73e42469-3a86-4f39-ad78-098f325b4e9f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mysql_ssl_connection_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md b/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md index 384d3259a34..efab153a269 100644 --- a/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md +++ b/docs/queries/terraform-queries/azure/7750fcca-dd03-4d38-b663-4b70289bcfd4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_flow_logs_retention_period) ### Description diff --git a/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md b/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md index 59f8d444397..16b8a68b766 100644 --- a/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md +++ b/docs/queries/terraform-queries/azure/7f0a8696-7159-4337-ad0d-8a3ab4a78195.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mariadb_public_network_access_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md b/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md index ab973d7289c..d608adb53af 100644 --- a/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md +++ b/docs/queries/terraform-queries/azure/819d50fd-1cdf-45c3-9936-be408aaad93e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/security_center_pricing_tier_is_not_standard) ### Description diff --git a/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md b/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md index 9584f45bc62..a370fad5c34 100644 --- a/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md +++ b/docs/queries/terraform-queries/azure/8263f146-5e03-43e0-9cfe-db960d56d1e7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_account_not_using_latest_tls_encryption_version) ### Description diff --git a/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md b/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md index eaba4b81a17..652553f8f9c 100644 --- a/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md +++ b/docs/queries/terraform-queries/azure/835a4f2f-df43-437d-9943-545ccfc55961.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_front_door_waf_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md b/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md index f2f8c1a405e..410474941dc 100644 --- a/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md +++ b/docs/queries/terraform-queries/azure/83a229ba-483e-47c6-8db7-dc96969bce5a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_database_audit_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md b/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md index 7fb5fc0e687..a6c09f8aa73 100644 --- a/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md +++ b/docs/queries/terraform-queries/azure/85da374f-b00f-4832-9d44-84a1ca1e89f8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_ftps_enforce_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md b/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md index ded14de5ecd..4c904b5b5ad 100644 --- a/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md +++ b/docs/queries/terraform-queries/azure/86f92117-eed8-4614-9c6c-b26da20ff37f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_rbac_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md b/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md index c39d979c7fe..bbcaec984c4 100644 --- a/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md +++ b/docs/queries/terraform-queries/azure/8b042c30-e441-453f-b162-7696982ebc58.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/geo_redundancy_is_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md b/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md index 7307bfc83cd..5fe7fffb6b8 100644 --- a/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md +++ b/docs/queries/terraform-queries/azure/8e75e431-449f-49e9-b56a-c8f1378025cf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/role_assignment_not_limit_guest_users_permissions) ### Description diff --git a/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md b/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md index 7e51445b038..9773b10076d 100644 --- a/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md +++ b/docs/queries/terraform-queries/azure/96fe318e-d631-4156-99fa-9080d57280ae.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_without_latest_php_version) ### Description diff --git a/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md b/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md index 450fc1171c3..bc1158708ac 100644 --- a/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md +++ b/docs/queries/terraform-queries/azure/9bb3c639-5edf-458c-8ee5-30c17c7d671d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_client_certificates_unrequired) ### Description diff --git a/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md b/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md index 6a7dbc1dae0..99ff88d3220 100644 --- a/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md +++ b/docs/queries/terraform-queries/azure/9c301481-e6ec-44f7-8a49-8ec63e2969ea.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/small_mssql_audit_retention_period) ### Description diff --git a/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md b/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md index e85a93b60b0..f008c9e5c4d 100644 --- a/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md +++ b/docs/queries/terraform-queries/azure/9dab0179-433d-4dff-af8f-0091025691df.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_ftps_enforce_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md b/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md index 73807e21739..c99995286e0 100644 --- a/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md +++ b/docs/queries/terraform-queries/azure/9db38e87-f6aa-4b5e-a1ec-7266df259409.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/email_alerts_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md b/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md index f97af296643..baba5f247e5 100644 --- a/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md +++ b/docs/queries/terraform-queries/azure/a187ac47-8163-42ce-8a63-c115236be6fb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 639 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_container_registry_with_no_locks) ### Description diff --git a/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md b/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md index 5d7cee9dd85..ca6863835ef 100644 --- a/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md +++ b/docs/queries/terraform-queries/azure/a21c8da9-41bf-40cf-941d-330cf0d11fc7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_active_directory_authentication) ### Description diff --git a/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md b/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md index 66d5c1413df..3bd31a8e8dc 100644 --- a/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md +++ b/docs/queries/terraform-queries/azure/a3a055d2-9a2e-4cc9-b9fb-12850a1a3a4b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/ad_admin_not_configured_for_sql_server) ### Description diff --git a/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md b/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md index dc2f2e85543..519d7b66a20 100644 --- a/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md +++ b/docs/queries/terraform-queries/azure/a5613650-32ec-4975-a305-31af783153ea.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/default_azure_storage_account_network_access_is_too_permissive) ### Description diff --git a/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md b/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md index a4e053db285..6195593fea9 100644 --- a/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md +++ b/docs/queries/terraform-queries/azure/a81573f9-3691-4d83-88a0-7d4af63e17a3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_app_service_client_certificate_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md b/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md index 79b62fd5c19..1ce00427890 100644 --- a/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md +++ b/docs/queries/terraform-queries/azure/a829b715-cf75-4e92-b645-54c9b739edfb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/firewall_rule_allows_too_many_hosts_to_access_redis_cache) ### Description diff --git a/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md b/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md index 1d77b10caa1..29e115fd180 100644 --- a/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md +++ b/docs/queries/terraform-queries/azure/a99130ab-4c0e-43aa-97f8-78d4fcb30024.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/encryption_on_managed_disk_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md b/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md index 4aaf3e2d76f..bb5039827af 100644 --- a/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md +++ b/docs/queries/terraform-queries/azure/ace823d1-4432-4dee-945b-cdf11a5a6bd0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_http2_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md b/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md index f1f4acb1c22..f85ca87f147 100644 --- a/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md +++ b/docs/queries/terraform-queries/azure/ade36cf4-329f-4830-a83d-9db72c800507.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mssql_server_public_network_access_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md b/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md index 4c910da5289..c7ace3d13df 100644 --- a/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md +++ b/docs/queries/terraform-queries/azure/b17d8bb8-4c08-4785-867e-cb9e62a622aa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_disk_encryption_set_id_undefined) ### Description @@ -64,7 +64,7 @@ resource "azurerm_kubernetes_cluster" "negative" { } -resource "azurerm_kubernetes_cluster" "negative" { +resource "azurerm_kubernetes_cluster2" "negative" { name = "example-aks1" location = azurerm_resource_group.example.location resource_group_name = azurerm_resource_group.example.name diff --git a/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md b/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md index 28593978f73..712edfddbcb 100644 --- a/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md +++ b/docs/queries/terraform-queries/azure/b4cc2c52-34a6-4b43-b57c-4bdeb4514a5a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Availability -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/virtual_network_with_ddos_protection_plan_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md b/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md index 63da76c4678..72e8ca7e4fb 100644 --- a/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md +++ b/docs/queries/terraform-queries/azure/b61cce4b-0cc4-472b-8096-15617a6d769b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_managed_identity_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md b/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md index 6b4c67966a8..bed4755cf08 100644 --- a/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md +++ b/docs/queries/terraform-queries/azure/b7b9d1c7-2d3b-49b4-b867-ebbe68d0b643.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version) ### Description diff --git a/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md b/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md index d813b0562e0..6d256d79b62 100644 --- a/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md +++ b/docs/queries/terraform-queries/azure/b897dfbf-322c-45a8-b67c-1e698beeaa51.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/admin_user_enabled_for_container_registry) ### Description diff --git a/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md b/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md index fadd0b058f3..0938bc6d5a1 100644 --- a/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md +++ b/docs/queries/terraform-queries/azure/b90842e5-6779-44d4-9760-972f4c03ba1c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_watcher_flow_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md b/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md index 0c9f2a503e2..fad01f6e3ca 100644 --- a/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md +++ b/docs/queries/terraform-queries/azure/b947809d-dd2f-4de9-b724-04d101c515aa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 912 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_not_updated_regularly) ### Description diff --git a/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md b/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md index 203e6791f6b..a6566ae15fa 100644 --- a/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md +++ b/docs/queries/terraform-queries/azure/bbf6b3df-4b65-4f87-82cc-da9f30f8c033.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/vm_not_attached_to_network) ### Description diff --git a/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md b/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md index 97de8c09dbb..a9a15bb9d28 100644 --- a/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md +++ b/docs/queries/terraform-queries/azure/bcd3fc01-5902-4f2a-b05a-227f9bbf5450.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 522 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_predictable_active_directory_admin_account_name) ### Description diff --git a/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md b/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md index 691b8a181e7..9cb14ab1c8b 100644 --- a/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md +++ b/docs/queries/terraform-queries/azure/c1573577-e494-4417-8854-7e119368dc8b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/network_interfaces_with_public_ip) ### Description diff --git a/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md b/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md index 818e07fcec1..1dd0b5ad441 100644 --- a/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md +++ b/docs/queries/terraform-queries/azure/c2a3efb6-8a58-481c-82f2-bfddf34bb4b7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/cosmosdb_account_ip_range_filter_not_set) ### Description diff --git a/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md b/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md index 2af873a996a..d07b2470214 100644 --- a/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md +++ b/docs/queries/terraform-queries/azure/c407c3cf-c409-4b29-b590-db5f4138d332.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_server_threat_detection_policy_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md b/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md index ccfb17ada08..15c21481f84 100644 --- a/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md +++ b/docs/queries/terraform-queries/azure/c640d783-10c5-4071-b6c1-23507300d333.md @@ -20,8 +20,8 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing -- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgre_sql_log_connections_not_set) +- **CWE:** 778 +- **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/postgresql_log_connections_not_set) ### Description Make sure that for PostgreSQL Database, server parameter 'log_connections' is set to 'ON'
diff --git a/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md b/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md index d30f46f393a..7f5f5894166 100644 --- a/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md +++ b/docs/queries/terraform-queries/azure/c6c7b33d-d7f6-4ab8-8c82-ca0431ecdb7e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_wide_private_network) ### Description diff --git a/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md b/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md index 14a65c0f4f3..4eb4122a590 100644 --- a/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md +++ b/docs/queries/terraform-queries/azure/c7fc1481-2899-4490-bbd8-544a3a61a2f3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_authentication_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md b/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md index 15a464cdb39..f184e7f4221 100644 --- a/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md +++ b/docs/queries/terraform-queries/azure/c87749b3-ff10-41f5-9df2-c421e8151759.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_managed_identity_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md b/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md index 8cecd5e6261..ce7d33c4657 100644 --- a/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md +++ b/docs/queries/terraform-queries/azure/cc4aaa9d-1070-461a-b519-04e00f42db8a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/app_service_without_latest_python_version) ### Description diff --git a/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md b/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md index 1e3ae490283..931a3d0e013 100644 --- a/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md +++ b/docs/queries/terraform-queries/azure/d7ba74da-2da0-4d4b-83c8-2fd72a3f6c28.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/unrestricted_sql_server_access) ### Description diff --git a/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md b/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md index 358ca7e34ab..1cb0510a2ae 100644 --- a/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md +++ b/docs/queries/terraform-queries/azure/dafe30ec-325d-4516-85d1-e8e6776f012c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/azure_instance_using_basic_authentication) ### Description diff --git a/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md b/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md index 414e59bbe28..1ef5ddc56e7 100644 --- a/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md +++ b/docs/queries/terraform-queries/azure/dd5230f8-a577-4bbb-b7ac-f2c2fe7d5299.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/storage_container_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md b/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md index 8752f14a678..49ad6461cf9 100644 --- a/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md +++ b/docs/queries/terraform-queries/azure/dfa20ffa-f476-428f-a490-424b41e91c7f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 521 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/secret_expiration_not_set) ### Description diff --git a/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md b/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md index 485178f8bcc..a0e6288caf9 100644 --- a/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md +++ b/docs/queries/terraform-queries/azure/e29a75e6-aba3-4896-b42d-b87818c16b58.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_cache_allows_non_ssl_connections) ### Description diff --git a/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md b/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md index 6bdb95a043e..8b84dab23bf 100644 --- a/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md +++ b/docs/queries/terraform-queries/azure/e65a0733-94a0-4826-82f4-df529f4c593f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/function_app_authentication_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md b/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md index 3f9f85d2e55..e1c373b97b9 100644 --- a/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md +++ b/docs/queries/terraform-queries/azure/e9dee01f-2505-4df2-b9bf-7804d1fd9082.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sensitive_port_is_exposed_to_small_public_network) ### Description diff --git a/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md b/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md index 3277dde0538..f17442d3eff 100644 --- a/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md +++ b/docs/queries/terraform-queries/azure/efbf6449-5ec5-4cfe-8f15-acc51e0d787c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/rdp_is_exposed_to_the_internet) ### Description diff --git a/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md b/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md index 5e1110abae2..c185edda8e0 100644 --- a/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md +++ b/docs/queries/terraform-queries/azure/f118890b-2468-42b1-9ce9-af35146b425b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/mysql_server_public_access_enabled) ### Description diff --git a/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md b/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md index 48e330789c1..dd9b55e3485 100644 --- a/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md +++ b/docs/queries/terraform-queries/azure/f5342045-b935-402d-adf1-8dbbd09c0eef.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/aks_network_policy_misconfigured) ### Description diff --git a/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md b/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md index 155496915d6..4e278111e5a 100644 --- a/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md +++ b/docs/queries/terraform-queries/azure/f7e296b0-6660-4bc5-8f87-22ac4a815edf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/sql_server_auditing_disabled) ### Description diff --git a/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md b/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md index 976a00fabbb..5a7ebc8ede7 100644 --- a/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md +++ b/docs/queries/terraform-queries/azure/f8e08a38-fc6e-4915-abbe-a7aadf1d59ef.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/key_vault_secrets_content_type_undefined) ### Description diff --git a/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md b/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md index 3b0867074e8..993a8d81ac1 100644 --- a/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md +++ b/docs/queries/terraform-queries/azure/fd8da341-6760-4450-b26c-9f6d8850575e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/redis_entirely_accessible) ### Description diff --git a/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md b/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md index 8a978983d20..17b6b1d10cd 100644 --- a/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md +++ b/docs/queries/terraform-queries/azure/ffb02aca-0d12-475e-b77c-a726f7aeff4b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/azure/log_retention_is_not_set) ### Description diff --git a/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md b/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md index 968c3b8ef3b..3952955508e 100644 --- a/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md +++ b/docs/queries/terraform-queries/b0749c53-e3ff-4d09-bbe4-dca94e2e7a38.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/databricks/cluster_aws_attributes) ### Description diff --git a/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md b/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md index b75cba2bd5f..e07e845e1ce 100644 --- a/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md +++ b/docs/queries/terraform-queries/b80b14c6-aaa2-4876-b651-8a48b6c32fbf.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/network_policy_is_not_targeting_any_pod) ### Description diff --git a/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md b/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md index f7d2703fdd0..c7ee39ef4cb 100644 --- a/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md +++ b/docs/queries/terraform-queries/bc3dabb6-fd50-40f8-b9ba-7429c9f1fb0e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/metadata_label_is_invalid) ### Description diff --git a/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md b/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md index 90b65c40347..a1b7f2fc034 100644 --- a/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md +++ b/docs/queries/terraform-queries/bd6bd46c-57db-4887-956d-d372f21291b6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/missing_app_armor_config) ### Description diff --git a/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md b/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md index d66fe450171..3992af4ab63 100644 --- a/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md +++ b/docs/queries/terraform-queries/c878abb4-cca5-4724-92b9-289be68bd47c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/privilege_escalation_allowed) ### Description diff --git a/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md b/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md index e72a8f8ff68..aa8b0d72f60 100644 --- a/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md +++ b/docs/queries/terraform-queries/ca2fba76-c1a7-4afd-be67-5249f861cb0e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/tiller_is_deployed) ### Description diff --git a/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md b/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md index 2319dec4cc9..75e48f7cc04 100644 --- a/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md +++ b/docs/queries/terraform-queries/ce7c874e-1b88-450b-a5e4-cb76ada3c8a9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/github/github_organization_webhook_with_ssl_disabled) ### Description diff --git a/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md b/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md index 64efad72366..d40d42f1d75 100644 --- a/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md +++ b/docs/queries/terraform-queries/d532566b-8d9d-4f3b-80bd-361fe802f9c2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/root_container_not_mounted_as_read_only) ### Description diff --git a/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md b/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md index 985c56917d5..0f855aec7cc 100644 --- a/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md +++ b/docs/queries/terraform-queries/e2c83c1f-84d7-4467-966c-ed41fd015bb9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 779 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/ingress_controller_exposes_workload) ### Description diff --git a/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md b/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md index 9be794954c5..346e64b2646 100644 --- a/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md +++ b/docs/queries/terraform-queries/e5587d53-a673-4a6b-b3f2-ba07ec274def.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/net_raw_capabilities_not_being_dropped) ### Description diff --git a/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md b/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md index 7e1b3e4c812..8e0ec366206 100644 --- a/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md +++ b/docs/queries/terraform-queries/e76cca7c-c3f9-4fc9-884c-b2831168ebd8.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Supply-Chain -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/invalid_image) ### Description diff --git a/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md b/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md index 1322f29314b..697b0257df1 100644 --- a/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md +++ b/docs/queries/terraform-queries/e94d3121-c2d1-4e34-a295-139bfeb73ea3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_host_ipc_namespace) ### Description diff --git a/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md b/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md index 81feb00897a..a49dede749c 100644 --- a/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md +++ b/docs/queries/terraform-queries/f74b9c43-161a-4799-bc95-0b0ec81801b9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/shared_service_account) ### Description diff --git a/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md b/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md index e4c94536dea..47bee25109a 100644 --- a/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md +++ b/docs/queries/terraform-queries/fc5109bf-01fd-49fb-8bde-4492b543c34a.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/general/variable_without_type) ### Description diff --git a/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md b/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md index 0f49e3db845..48f05543e79 100644 --- a/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md +++ b/docs/queries/terraform-queries/fcc2612a-1dfe-46e4-8ce6-0320959f0040.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Build Process -- **CWE:** Ongoing +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/statefulset_requests_storage) ### Description diff --git a/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md b/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md index d1095a69c54..8ccb8f6cd37 100644 --- a/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md +++ b/docs/queries/terraform-queries/fd097ed0-7fe6-4f58-8b71-fef9f0820a21.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 400 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/memory_limits_not_defined) ### Description diff --git a/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md b/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md index 65e94ef8bb1..99b0d7d95cc 100644 --- a/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md +++ b/docs/queries/terraform-queries/fe771ff7-ba15-4f8f-ad7a-8aa232b49a28.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 269 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/kubernetes/container_with_added_capabilities) ### Description diff --git a/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md b/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md index d8a7ea40fd3..e01fe221fd9 100644 --- a/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md +++ b/docs/queries/terraform-queries/gcp/02474449-71aa-40a1-87ae-e14497747b00.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_with_ssl_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md b/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md index cafa47a8815..b4ef2462bce 100644 --- a/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md +++ b/docs/queries/terraform-queries/gcp/11e7550e-c4b6-472e-adff-c698f157cdd7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/network_policy_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md b/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md index b3b2cd346d1..25f21beb3ff 100644 --- a/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md +++ b/docs/queries/terraform-queries/gcp/128df7ec-f185-48bc-8913-ce756a3ccb85.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Best Practices -- **CWE:** Ongoing +- **CWE:** 1395 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/outdated_gke_version) ### Description diff --git a/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md b/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md index 55221cae107..5df477ad858 100644 --- a/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md +++ b/docs/queries/terraform-queries/gcp/14a457f0-473d-4d1d-9e37-6d99b355b336.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_ssl_policy_weak_cipher_in_use) ### Description diff --git a/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md b/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md index b2c5fa5be53..68d4b16e859 100644 --- a/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md +++ b/docs/queries/terraform-queries/gcp/16cc87d1-dd47-4f46-b3ce-4dfcac8fd2f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/kms_crypto_key_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md b/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md index b21edcff454..bfbfdeb4bc9 100644 --- a/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md +++ b/docs/queries/terraform-queries/gcp/1b44e234-3d73-41a8-9954-0b154135280e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/shielded_vm_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md b/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md index 10658261236..93a5d4c4bfa 100644 --- a/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md +++ b/docs/queries/terraform-queries/gcp/1c8eef02-17b1-4a3e-b01d-dcc3292d2c38.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/gke_using_default_service_account) ### Description diff --git a/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md b/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md index a7e81d9be40..1229ac5af95 100644 --- a/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md +++ b/docs/queries/terraform-queries/gcp/22ef1d26-80f8-4a6c-8c15-f35aab3cac78.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_firewall_rule_allows_all_ports) ### Description diff --git a/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md b/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md index 100f6795880..a381dc626f1 100644 --- a/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md +++ b/docs/queries/terraform-queries/gcp/2f06d22c-56bd-4f73-8a51-db001fcf2150.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/sb) ### Description diff --git a/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md b/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md index eff32ba7404..6a77982ea73 100644 --- a/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md +++ b/docs/queries/terraform-queries/gcp/30e8dfd2-3591-4d19-8d11-79e93106c93d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/stackdriver_monitoring_disabled) ### Description @@ -73,7 +73,7 @@ resource "google_container_cluster" "negative1" { } # Monitoring service defaults to Stackdriver, so it's okay to be undefined -resource "google_container_cluster" "negative1" { +resource "google_container_cluster" "negative2" { name = "marcellus-wallace" location = "us-central1-a" initial_node_count = 3 diff --git a/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md b/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md index 0c7c7fda1d3..3644c47823e 100644 --- a/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md +++ b/docs/queries/terraform-queries/gcp/32ecd6eb-0711-421f-9627-1a28d9eff217.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/os_login_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md b/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md index 38a62d99917..00f4b26f2d9 100644 --- a/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md +++ b/docs/queries/terraform-queries/gcp/3cb4af0b-056d-4fb1-8b95-fdc4593625ff.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Defaults -- **CWE:** Ongoing +- **CWE:** 250 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/using_default_service_account) ### Description diff --git a/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md b/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md index 440b0dfa77e..919dc3d52ff 100644 --- a/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md +++ b/docs/queries/terraform-queries/gcp/3e4d5ce6-3280-4027-8010-c26eeea1ec01.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/project_wide_ssh_keys_are_enabled_in_vm_instances) ### Description diff --git a/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md b/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md index d933e520dc5..671377f02cf 100644 --- a/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md +++ b/docs/queries/terraform-queries/gcp/40430747-442d-450a-a34f-dc57149f4609.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 788 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_subnetwork_logging_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md b/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md index 506806fde60..73dcd9eeeda 100644 --- a/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md +++ b/docs/queries/terraform-queries/gcp/40abce54-95b1-478c-8e5f-ea0bf0bb0e33.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_default_firewall_rule) ### Description diff --git a/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md b/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md index d8a7f68300b..4c313336675 100644 --- a/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md +++ b/docs/queries/terraform-queries/gcp/4b82202a-b18e-4891-a1eb-a0989850bbb3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/pst) ### Description diff --git a/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md b/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md index 70d01fe41e2..20d3c12c782 100644 --- a/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md +++ b/docs/queries/terraform-queries/gcp/4c7ebcb2-eae2-461e-bc83-456ee2d4f694.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/stackdriver_logging_disabled) ### Description @@ -73,7 +73,7 @@ resource "google_container_cluster" "negative1" { } # Logging service defaults to Stackdriver, so it's okay to be undefined -resource "google_container_cluster" "negative1" { +resource "google_container_cluster" "negative2" { name = "marcellus-wallace" location = "us-central1-a" initial_node_count = 3 diff --git a/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md b/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md index 419e5ce5385..ef454217b65 100644 --- a/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md +++ b/docs/queries/terraform-queries/gcp/579a0727-9c29-4d58-8195-fc5802a8bdb4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/shielded_gke_nodes_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md b/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md index 0dcd1c28741..253e0a88876 100644 --- a/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md +++ b/docs/queries/terraform-queries/gcp/59571246-3f62-4965-a96f-c7d97e269351.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_auto_create_network_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md b/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md index 2f82ed86787..00c3beb1d95 100644 --- a/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md +++ b/docs/queries/terraform-queries/gcp/5baa92d2-d8ee-4c75-88a4-52d9d8bb8067.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/gke_legacy_authorization_enabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md b/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md index d9dc89bad9a..f8d0e17a313 100644 --- a/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md +++ b/docs/queries/terraform-queries/gcp/5ef61c88-bbb4-4725-b1df-55d23c9676bb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 350 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_dns_without_dnssec) ### Description diff --git a/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md b/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md index 3f962b0f86a..b90d162f9b6 100644 --- a/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md +++ b/docs/queries/terraform-queries/gcp/617ef6ff-711e-4bd7-94ae-e965911b1b40.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_binding_service_account_has_token_creator_or_account_user_role) ### Description diff --git a/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md b/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md index f599cbf1560..66e2dd3fd34 100644 --- a/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md +++ b/docs/queries/terraform-queries/gcp/65c1bc7a-4835-4ac4-a2b6-13d310b0648d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cluster_labels_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md b/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md index adb612a1afe..0b2d1eb27ea 100644 --- a/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md +++ b/docs/queries/terraform-queries/gcp/678fd659-96f2-454a-a2a0-c2571f83a4a3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/rdp_access_is_not_restricted) ### Description diff --git a/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md b/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md index fd476b0c7d0..1a75a25300b 100644 --- a/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md +++ b/docs/queries/terraform-queries/gcp/6ccb85d7-0420-4907-9380-50313f80946b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/private_cluster_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md b/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md index 92ab75501a9..6f629461bd6 100644 --- a/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md +++ b/docs/queries/terraform-queries/gcp/704fcc44-a58f-4af5-82e2-93f2a58ef918.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/user_with_iam_role) ### Description diff --git a/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md b/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md index 003629f5a90..7745eab9ed6 100644 --- a/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md +++ b/docs/queries/terraform-queries/gcp/73fb21a1-b19a-45b1-b648-b47b1678681e.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 299 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/legacy_client_certificate_auth_enabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md b/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md index 33d7ca75977..907b778ddf8 100644 --- a/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md +++ b/docs/queries/terraform-queries/gcp/84d36481-fd63-48cb-838e-635c44806ec2.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_member_service_account_has_admin_role) ### Description diff --git a/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md b/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md index 9fb6e28ac9f..7e77fbaab29 100644 --- a/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md +++ b/docs/queries/terraform-queries/gcp/895ed0d9-6fec-4567-8614-d7a74b599a53.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/dataflow) ### Description diff --git a/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md b/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md index 0c18fb1ae5b..3fe264b15ea 100644 --- a/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md +++ b/docs/queries/terraform-queries/gcp/89fe890f-b480-460c-8b6b-7d8b1468adb4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/iam_audit_not_properly_configured) ### Description diff --git a/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md b/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md index 872b7c83e67..67dfdd897da 100644 --- a/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md +++ b/docs/queries/terraform-queries/gcp/8a893e46-e267-485a-8690-51f39951de58.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cos_node_image_not_used) ### Description diff --git a/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md b/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md index dbf88fea1c1..44aa210137a 100644 --- a/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md +++ b/docs/queries/terraform-queries/gcp/9192e0f9-eca5-4056-9282-ae2a736a4088.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/pod_security_policy_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md b/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md index 8466028a781..1169a67958e 100644 --- a/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md +++ b/docs/queries/terraform-queries/gcp/92e4464a-4139-4d57-8742-b5acc0347680.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 266 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/kms_admin_and_crypto_key_roles_in_use) ### Description diff --git a/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md b/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md index cc06d361df1..8450ebee914 100644 --- a/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md +++ b/docs/queries/terraform-queries/gcp/9356962e-4a4f-4d06-ac59-dc8008775eaa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/not_proper_email_account_in_use) ### Description diff --git a/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md b/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md index 29e4609c83a..c03ae160fbe 100644 --- a/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md +++ b/docs/queries/terraform-queries/gcp/97fa667a-d05b-4f16-9071-58b939f34751.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/vm_serial_ports_are_enabled_for_vm_instances) ### Description diff --git a/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md b/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md index e0933f8a6e6..fb1f1522b1c 100644 --- a/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md +++ b/docs/queries/terraform-queries/gcp/a6cd52a1-3056-4910-96a5-894de9f3f3b3.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_anonymous_or_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md b/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md index a4443d47484..a4e1749d0cf 100644 --- a/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md +++ b/docs/queries/terraform-queries/gcp/acfdbec6-4a17-471f-b412-169d77553332.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 693 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_container_node_pool_auto_repair_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md b/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md index 4ff389dc7eb..731f916a63e 100644 --- a/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md +++ b/docs/queries/terraform-queries/gcp/b139213e-7d24-49c2-8025-c18faa21ecaa.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/node_auto_upgrade_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md b/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md index 17ee51992bb..61116afc331 100644 --- a/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md +++ b/docs/queries/terraform-queries/gcp/b187edca-b81e-4fdc-aff4-aab57db45edb.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Critical - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md b/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md index b3c6583e6e8..c598bcf2350 100644 --- a/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md +++ b/docs/queries/terraform-queries/gcp/b1d51728-7270-4991-ac2f-fc26e2695b38.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/disk_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md b/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md index 401cbba0bd0..c31ee923c39 100644 --- a/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md +++ b/docs/queries/terraform-queries/gcp/bb0db090-5509-4853-a827-75ced0b3caa0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_storage_bucket_level_access_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md b/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md index ae7364546de..9ffda856551 100644 --- a/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md +++ b/docs/queries/terraform-queries/gcp/bc280331-27b9-4acb-a010-018e8098aa5d.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/vm_with_full_cloud_access) ### Description diff --git a/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md b/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md index 4acf5dd95e9..c4ef8b27d35 100644 --- a/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md +++ b/docs/queries/terraform-queries/gcp/bc75ce52-a60a-4660-b533-bce837a5019b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/redis) ### Description diff --git a/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md b/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md index cff82650263..1f1f318564d 100644 --- a/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md +++ b/docs/queries/terraform-queries/gcp/c010082c-76e0-4b91-91d9-6e8439e455dd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_is_publicly_accessible) ### Description diff --git a/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md b/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md index 45d7732f484..ec1a28f8443 100644 --- a/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md +++ b/docs/queries/terraform-queries/gcp/c4dcdcdf-10dd-4bf4-b4a0-8f6239e6aaa0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ssh_access_is_not_restricted) ### Description diff --git a/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md b/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md index 6b7aa4ee6bc..10104a84a9c 100644 --- a/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md +++ b/docs/queries/terraform-queries/gcp/c606ba1d-d736-43eb-ac24-e16108f3a9e0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ip_aliasing_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md b/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md index 0688382e6ca..62c107e0cc2 100644 --- a/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md +++ b/docs/queries/terraform-queries/gcp/c68b4e6d-4e01-4ca1-b256-1e18e875785c.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_project_iam_member_service_account_has_token_creator_or_account_user_role) ### Description diff --git a/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md b/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md index 1d454d88b4e..a8c89eeb4ae 100644 --- a/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md +++ b/docs/queries/terraform-queries/gcp/c9d81239-c818-4869-9917-1570c62b81fd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/fi) ### Description diff --git a/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md b/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md index 8b59efcd412..a389411d3ee 100644 --- a/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md +++ b/docs/queries/terraform-queries/gcp/ccc3100c-0fdd-4a5e-9908-c10107291860.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/dnssec_using_rsasha1) ### Description diff --git a/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md b/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md index 07ed9838a44..824127f6896 100644 --- a/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md +++ b/docs/queries/terraform-queries/gcp/cefdad16-0dd5-4ac5-8ed2-a37502c78672.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Resource Management -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/service_account_with_improper_privileges) ### Description diff --git a/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md b/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md index 6c73052a025..4813528503f 100644 --- a/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md +++ b/docs/queries/terraform-queries/gcp/cf3c7631-cd1e-42f3-8801-a561214a6e79.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 799 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/sql_db_instance_backup_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md b/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md index fd296edc29e..b1b625761dd 100644 --- a/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md +++ b/docs/queries/terraform-queries/gcp/d0b4d550-c001-46c3-bbdb-d5d75d33f05f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/os_login_is_disabled_for_vm_instance) ### Description diff --git a/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md b/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md index 276d4f6490e..a744d231353 100644 --- a/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md +++ b/docs/queries/terraform-queries/gcp/d6cabc3a-d57e-48c2-b341-bf3dd4f4a120.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_logging_not_enabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md b/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md index 9f51e875053..de42abcc7ea 100644 --- a/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md +++ b/docs/queries/terraform-queries/gcp/d8c57c4e-bf6f-4e32-a2bf-8643532de77b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Secret Management -- **CWE:** Ongoing +- **CWE:** 326 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/high_google_kms_crypto_key_rotation_period) ### Description diff --git a/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md b/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md index 95e3eac93d8..701439eea82 100644 --- a/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md +++ b/docs/queries/terraform-queries/gcp/dd7d70aa-a6ec-460d-b5d2-38b40253b16f.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Trace - **Category:** Bill Of Materials -- **CWE:** Ongoing +- **CWE:** 532 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp_bom/pd) ### Description diff --git a/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md b/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md index 4ef90aa3acd..7f1730e1e49 100644 --- a/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md +++ b/docs/queries/terraform-queries/gcp/e576ce44-dd03-4022-a8c0-3906acca2ab4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/bigquery_dataset_is_public) ### Description diff --git a/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md b/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md index fbbe55c98b4..c5ce88e0e71 100644 --- a/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md +++ b/docs/queries/terraform-queries/gcp/e6f61c37-106b-449f-a5bb-81bfcaceb8b4.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_network_using_firewall_rule_allows_port_range) ### Description diff --git a/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md b/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md index 3e3325fb954..a91961619a1 100644 --- a/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md +++ b/docs/queries/terraform-queries/gcp/e7e961ac-d17e-4413-84bc-8a1fbe242944.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 710 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/cloud_storage_bucket_versioning_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md b/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md index a903b5d71b5..643306dd04d 100644 --- a/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md +++ b/docs/queries/terraform-queries/gcp/ee7b93c1-b3f8-4a3b-9588-146d481814f5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/google_compute_subnetwork_with_private_google_access_disabled) ### Description diff --git a/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md b/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md index a8b3ab1e396..7e6de55d983 100644 --- a/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md +++ b/docs/queries/terraform-queries/gcp/f34c0c25-47b4-41eb-9c79-249b4dd47b89.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 1188 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/gcp/ip_forwarding_enabled) ### Description diff --git a/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md b/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md index 8aa5ea42d92..260f4486286 100644 --- a/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md +++ b/docs/queries/terraform-queries/nifcloud/30c2760c-740e-4672-9d7f-2c29e0cb385d.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Router Has Common Private Network +title: Nifcloud Router Has Common Private Network hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 30c2760c-740e-4672-9d7f-2c29e0cb385d -- **Query name:** Beta - Nifcloud Router Has Common Private Network +- **Query name:** Nifcloud Router Has Common Private Network - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/router_has_common_private) ### Description -The router has common private network
+The Router has common private network
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#network_id) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md b/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md index 3292617f3e2..b101ee7558a 100644 --- a/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md +++ b/docs/queries/terraform-queries/nifcloud/41c127a9-3a85-4bc3-a333-ed374eb9c3e4.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Computing Undefined Description To Security Group +title: Nifcloud Computing Undefined Description To Security Group hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 41c127a9-3a85-4bc3-a333-ed374eb9c3e4 -- **Query name:** Beta - Nifcloud Computing Undefined Description To Security Group +- **Query name:** Nifcloud Computing Undefined Description To Security Group - **Platform:** Terraform -- **Severity:** Low -- **Category:** Networking and Firewall -- **CWE:** Ongoing +- **Severity:** Info +- **Category:** Best Practices +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_security_group_description_undefined) ### Description -Missing description for security group
+It's considered a best practice for Security Group to have a description
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group#description) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md b/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md index c3e588883d4..86e2377b67a 100644 --- a/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md +++ b/docs/queries/terraform-queries/nifcloud/4b801c38-ebb4-4c81-984b-1ba525d43adf.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud NAS Has Common Private Network +title: Nifcloud NAS Has Common Private Network hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 4b801c38-ebb4-4c81-984b-1ba525d43adf -- **Query name:** Beta - Nifcloud NAS Has Common Private Network +- **Query name:** Nifcloud NAS Has Common Private Network - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_instance_has_common_private) ### Description -The nas has common private network
+The NAS has common private network
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_instance#network_id) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md b/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md index 21795d64708..180f3986dcf 100644 --- a/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md +++ b/docs/queries/terraform-queries/nifcloud/5061f84c-ab66-4660-90b9-680c9df346c0.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud ELB Has Common Private Network +title: Nifcloud ELB Has Common Private Network hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 5061f84c-ab66-4660-90b9-680c9df346c0 -- **Query name:** Beta - Nifcloud ELB Has Common Private Network +- **Query name:** Nifcloud ELB Has Common Private Network - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_has_common_private) ### Description -The elb has common private network
+The ELB has common private network
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#network_id) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md b/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md index 859a353bc6a..bdc56681284 100644 --- a/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md +++ b/docs/queries/terraform-queries/nifcloud/675e8eaa-2754-42b7-bf33-bfa295d1601d.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud LB Use Insecure TLS Policy Name +title: Nifcloud LB Using Insecure TLS Policy Name hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 675e8eaa-2754-42b7-bf33-bfa295d1601d -- **Query name:** Beta - Nifcloud LB Use Insecure TLS Policy Name +- **Query name:** Nifcloud LB Using Insecure TLS Policy Name - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Encryption +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_name) ### Description -The lb use insecure tls policy
+The LB using insecure TLS policy
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_name) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md b/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md index 9e1c849cddc..141f5b3760e 100644 --- a/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md +++ b/docs/queries/terraform-queries/nifcloud/89218b48-75c9-4cb3-aaba-5299e852e8bc.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Computing Undefined Security Group To Instance +title: Nifcloud Computing Undefined Security Group To Instance hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** 89218b48-75c9-4cb3-aaba-5299e852e8bc -- **Query name:** Beta - Nifcloud Computing Undefined Security Group To Instance +- **Query name:** Nifcloud Computing Undefined Security Group To Instance - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_security_group_undefined) ### Description diff --git a/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md b/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md index afb97903d4b..d046ca9656d 100644 --- a/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md +++ b/docs/queries/terraform-queries/nifcloud/8d7758a7-d9cd-499a-a83e-c9bdcbff728d.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule +title: Nifcloud NAS Has Public Ingress NAS Security Group Rule hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 8d7758a7-d9cd-499a-a83e-c9bdcbff728d -- **Query name:** Beta - Nifcloud NAS Has Public Ingress NAS Security Group Rule +- **Query name:** Nifcloud NAS Has Public Ingress NAS Security Group Rule - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_security_group_has_public_ingress_sgr) ### Description -An ingress nas security group rule allows traffic from /0
+An ingress NAS security group rule allows traffic from /0
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#cidr_ip) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md b/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md index 58cab1de627..40f68f1ad60 100644 --- a/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md +++ b/docs/queries/terraform-queries/nifcloud/940ddce2-26bd-4e31-a9b4-382714f73231.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud RDB Undefined Description To DB Security Group +title: Nifcloud RDB Undefined Description To DB Security Group hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 940ddce2-26bd-4e31-a9b4-382714f73231 -- **Query name:** Beta - Nifcloud RDB Undefined Description To DB Security Group +- **Query name:** Nifcloud RDB Undefined Description To DB Security Group - **Platform:** Terraform -- **Severity:** Low -- **Category:** Networking and Firewall -- **CWE:** Ongoing +- **Severity:** Info +- **Category:** Best Practices +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_security_group_description_undefined) ### Description -Missing description for db security group
+Missing description for DB security group
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#description) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md b/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md index da6b1a57276..b2916fe328b 100644 --- a/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md +++ b/docs/queries/terraform-queries/nifcloud/944439c7-b4b8-476a-8f83-14641ea876ba.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud LB Use Insecure TLS Policy ID +title: Nifcloud LB Using Insecure TLS Policy ID hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 944439c7-b4b8-476a-8f83-14641ea876ba -- **Query name:** Beta - Nifcloud LB Use Insecure TLS Policy ID +- **Query name:** Nifcloud LB Using Insecure TLS Policy ID - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Encryption +- **CWE:** 295 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_insecure_tls_policy_id) ### Description -The lb use insecure tls policy
+The LB using insecure TLS policy
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#ssl_policy_id) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md b/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md index fb16298e5a1..8c896b2c236 100644 --- a/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md +++ b/docs/queries/terraform-queries/nifcloud/94e47f3f-b90b-43a1-a36d-521580bae863.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud LB Use HTTP Port +title: Nifcloud LB Using HTTP Port hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 94e47f3f-b90b-43a1-a36d-521580bae863 -- **Query name:** Beta - Nifcloud LB Use HTTP Port +- **Query name:** Nifcloud LB Using HTTP Port - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Networking and Firewall +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_use_http) ### Description -The lb use http port
+The LB using HTTP port
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer#load_balancer_port) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md b/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md index b7d2c6a45fd..caf474719a7 100644 --- a/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md +++ b/docs/queries/terraform-queries/nifcloud/9bf57c23-fbab-4222-85f3-3f207a53c6a8.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud RDB Has Common Private Network +title: Nifcloud RDB Has Common Private Network hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 9bf57c23-fbab-4222-85f3-3f207a53c6a8 -- **Query name:** Beta - Nifcloud RDB Has Common Private Network +- **Query name:** Nifcloud RDB Has Common Private Network - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_instance_has_common_private) ### Description -The rdb has common private network
+The RDB has common private network
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#network_id) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md b/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md index 087c7e7fd9e..e20f150131b 100644 --- a/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md +++ b/docs/queries/terraform-queries/nifcloud/9f751a80-31f0-43a3-926c-20772791a038.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud LB Listener Use HTTP Port +title: Nifcloud LB Listener Using HTTP Port hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** 9f751a80-31f0-43a3-926c-20772791a038 -- **Query name:** Beta - Nifcloud LB Listener Use HTTP Port +- **Query name:** Nifcloud LB Listener Using HTTP Port - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Networking and Firewall +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/load_balancer_listener_use_http) ### Description -The lb listener use http port
+The LB listener using HTTP port
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/load_balancer_listener#load_balancer_port) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md b/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md index 90ca72afa7b..8e258b7e063 100644 --- a/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md +++ b/docs/queries/terraform-queries/nifcloud/a0b846e8-815f-4f15-b660-bc4ab9fa1e1a.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule +title: Nifcloud RDB Has Public DB Ingress Security Group Rule hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** a0b846e8-815f-4f15-b660-bc4ab9fa1e1a -- **Query name:** Beta - Nifcloud RDB Has Public DB Ingress Security Group Rule +- **Query name:** Nifcloud RDB Has Public DB Ingress Security Group Rule - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_security_group_has_public_ingress_sgr) ### Description -An db ingress security group rule allows traffic from /0
+A DB ingress security group rule allows traffic from /0
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_security_group#cidr_ip) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md b/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md index f1517f642e5..3d87b81500b 100644 --- a/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md +++ b/docs/queries/terraform-queries/nifcloud/a1defcb6-55e8-4511-8c2a-30b615b0e057.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud DNS Has Verified Record +title: Nifcloud DNS Has Verified Record hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** a1defcb6-55e8-4511-8c2a-30b615b0e057 -- **Query name:** Beta - Nifcloud DNS Has Verified Record +- **Query name:** Nifcloud DNS Has Verified Record - **Platform:** Terraform -- **Severity:** High +- **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/dns_has_verified_record) ### Description diff --git a/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md b/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md index c2cdde3f23d..e7aed9612fc 100644 --- a/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md +++ b/docs/queries/terraform-queries/nifcloud/afcb0771-4f94-44ed-ad4a-9f73f11ce6e0.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud ELB Listener Use HTTP Protocol +title: Nifcloud ELB Listener Using HTTP Protocol hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** afcb0771-4f94-44ed-ad4a-9f73f11ce6e0 -- **Query name:** Beta - Nifcloud ELB Listener Use HTTP Protocol +- **Query name:** Nifcloud ELB Listener Using HTTP Protocol - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Networking and Firewall +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_listener_use_http) ### Description -The elb listener use http protocol
+The ELB listener using http protocol
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb_listener#protocol) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md b/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md index f9c0aa4e367..dd91ba35190 100644 --- a/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md +++ b/docs/queries/terraform-queries/nifcloud/b2ea2367-8dc9-4231-a035-d0b28bfa3dde.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Computing Has Public Ingress Security Group Rule +title: Nifcloud Computing Has Public Ingress Security Group Rule hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** b2ea2367-8dc9-4231-a035-d0b28bfa3dde -- **Query name:** Beta - Nifcloud Computing Has Public Ingress Security Group Rule +- **Query name:** Nifcloud Computing Has Public Ingress Security Group Rule - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_has_public_ingress_sgr) ### Description diff --git a/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md b/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md index ee73b5a73e9..91e2f61dc0d 100644 --- a/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md +++ b/docs/queries/terraform-queries/nifcloud/b3535a48-910c-47f8-8b3b-14222f29ef80.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway +title: Nifcloud VPN Gateway Undefined Security Group hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** b3535a48-910c-47f8-8b3b-14222f29ef80 -- **Query name:** Beta - Nifcloud Vpn Gateway Undefined Security Group To Vpn Gateway +- **Query name:** Nifcloud VPN Gateway Undefined Security Group - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/vpn_gateway_security_group_undefined) ### Description -Missing security group for vpn gateway
+Missing security group for VPN gateway
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/vpn_gateway#security_group) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md b/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md index 9d114e62c29..947455323eb 100644 --- a/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md +++ b/docs/queries/terraform-queries/nifcloud/df58dd45-8009-43c2-90f7-c90eb9d53ed9.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Computing Has Common Private Network +title: Nifcloud Computing Has Common Private Network hide: toc: true navigation: true @@ -16,11 +16,11 @@ hide: - **Query id:** df58dd45-8009-43c2-90f7-c90eb9d53ed9 -- **Query name:** Beta - Nifcloud Computing Has Common Private Network +- **Query name:** Nifcloud Computing Has Common Private Network - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_instance_has_common_private) ### Description diff --git a/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md b/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md index 11313851abb..c4cac7fea0a 100644 --- a/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md +++ b/docs/queries/terraform-queries/nifcloud/e2de2b80-2fc2-4502-a764-40930dfcc70a.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud ELB Use HTTP Protocol +title: Nifcloud ELB Using HTTP Protocol hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** e2de2b80-2fc2-4502-a764-40930dfcc70a -- **Query name:** Beta - Nifcloud ELB Use HTTP Protocol +- **Query name:** Nifcloud ELB Using HTTP Protocol - **Platform:** Terraform -- **Severity:** High -- **Category:** Insecure Configurations -- **CWE:** Ongoing +- **Severity:** Medium +- **Category:** Networking and Firewall +- **CWE:** 319 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/elb_use_http) ### Description -The elb use http protocol
+The ELB using HTTP protocol
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/elb#protocol) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md b/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md index 235b959f4e7..df7aef41993 100644 --- a/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md +++ b/docs/queries/terraform-queries/nifcloud/e4610872-0b1c-4fb7-ab57-d81c0afdb291.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Computing Undefined Description To Security Group Rule +title: Nifcloud Computing Undefined Description To Security Group Rule hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** e4610872-0b1c-4fb7-ab57-d81c0afdb291 -- **Query name:** Beta - Nifcloud Computing Undefined Description To Security Group Rule +- **Query name:** Nifcloud Computing Undefined Description To Security Group Rule - **Platform:** Terraform -- **Severity:** Low -- **Category:** Networking and Firewall -- **CWE:** Ongoing +- **Severity:** Info +- **Category:** Best Practices +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/computing_security_group_rule_description_undefined) ### Description -Missing description for security group rule
+It's considered a best practice for Security Group Rules to have a description
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/security_group_rule#description) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md b/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md index f5f6275d083..8f572452577 100644 --- a/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md +++ b/docs/queries/terraform-queries/nifcloud/e5071f76-cbe7-468d-bb2b-d10f02d2b713.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day +title: Nifcloud Low RDB Backup Retention Period hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** e5071f76-cbe7-468d-bb2b-d10f02d2b713 -- **Query name:** Beta - Nifcloud RDB Has Backup Retention Less Than 2 Day +- **Query name:** Nifcloud Low RDB Backup Retention Period - **Platform:** Terraform -- **Severity:** Medium +- **Severity:** Low - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_does_not_have_long_backup_retention) ### Description -The rdb has backup retention less than 2 day
+Nifcloud RDB backup retention should be at least 7 days
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#backup_retention_period) ### Code samples @@ -40,7 +40,7 @@ resource "nifcloud_db_instance" "positive" { resource "nifcloud_db_instance" "positive" { identifier = "example" instance_class = "db.large8" - backup_retention_period = 1 + backup_retention_period = 5 } ``` @@ -51,7 +51,7 @@ resource "nifcloud_db_instance" "positive" { resource "nifcloud_db_instance" "negative" { identifier = "example" instance_class = "db.large8" - backup_retention_period = 5 + backup_retention_period = 7 } ``` diff --git a/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md b/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md index c3eaa793899..f35398c37c7 100644 --- a/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md +++ b/docs/queries/terraform-queries/nifcloud/e7dada38-af20-4899-8955-dabea84ab1f0.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud Router Undefined Security Group To Router +title: Nifcloud Router Undefined Security Group hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** e7dada38-af20-4899-8955-dabea84ab1f0 -- **Query name:** Beta - Nifcloud Router Undefined Security Group To Router +- **Query name:** Nifcloud Router Undefined Security Group - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/router_security_group_undefined) ### Description -Missing security group for router
+Missing security group for Router
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/router#security_group) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md b/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md index dc231b60238..877c099461e 100644 --- a/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md +++ b/docs/queries/terraform-queries/nifcloud/e840c54a-7a4c-405f-b8c1-c49a54b87d11.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud NAS Undefined Description To NAS Security Group +title: Nifcloud NAS Undefined Description To NAS Security Group hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** e840c54a-7a4c-405f-b8c1-c49a54b87d11 -- **Query name:** Beta - Nifcloud NAS Undefined Description To NAS Security Group +- **Query name:** Nifcloud NAS Undefined Description To NAS Security Group - **Platform:** Terraform -- **Severity:** Low -- **Category:** Networking and Firewall -- **CWE:** Ongoing +- **Severity:** Info +- **Category:** Best Practices +- **CWE:** 665 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/nas_security_group_description_undefined) ### Description -Missing description for nas security group
+It's considered a best practice for NAS Security Group to have a description
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/nas_security_group#description) ### Code samples diff --git a/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md b/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md index b1ee8178f35..984ba7b0b75 100644 --- a/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md +++ b/docs/queries/terraform-queries/nifcloud/fb387023-e4bb-42a8-9a70-6708aa7ff21b.md @@ -1,5 +1,5 @@ --- -title: Beta - Nifcloud RDB Has Public DB Access +title: Nifcloud RDB Has Public DB Access hide: toc: true navigation: true @@ -16,15 +16,15 @@ hide: - **Query id:** fb387023-e4bb-42a8-9a70-6708aa7ff21b -- **Query name:** Beta - Nifcloud RDB Has Public DB Access +- **Query name:** Nifcloud RDB Has Public DB Access - **Platform:** Terraform - **Severity:** High -- **Category:** Networking and Firewall -- **CWE:** Ongoing +- **Category:** Access Control +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/nifcloud/db_has_public_access) ### Description -The rdb has public db access
+The RDB has public DB access
[Documentation](https://registry.terraform.io/providers/nifcloud/nifcloud/latest/docs/resources/db_instance#publicly_accessible) ### Code samples @@ -35,7 +35,6 @@ resource "nifcloud_db_instance" "positive" { instance_class = "db.large8" publicly_accessible = true } - ``` @@ -46,5 +45,4 @@ resource "nifcloud_db_instance" "negative" { instance_class = "db.large8" publicly_accessible = false } - ``` diff --git a/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md b/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md index 49824d528d9..c45036e635d 100644 --- a/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md +++ b/docs/queries/terraform-queries/tencentcloud/18d6aa4b-7570-4d95-9c75-90363ef1abd9.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 668 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_using_default_intranet_port) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md b/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md index ee3c8231584..227c622c50c 100644 --- a/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md +++ b/docs/queries/terraform-queries/tencentcloud/1ee0f202-31da-49ba-bbce-04a989912e4b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/disk_encryption_disabled) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md b/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md index f4b7fe83ed3..c8c9435b5a8 100644 --- a/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md +++ b/docs/queries/terraform-queries/tencentcloud/3ed47402-e322-465f-a0f0-8681135a17b0.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 311 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_encryption_protection_disabled) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md b/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md index 1f06c856386..8ee2cb5ea40 100644 --- a/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md +++ b/docs/queries/terraform-queries/tencentcloud/5bb6fa08-5e84-4760-a54a-cdcd66626976.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_user_data) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md b/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md index c8e9b8b5cef..167e86dea95 100644 --- a/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md +++ b/docs/queries/terraform-queries/tencentcloud/5d820574-4a60-4916-b049-0810b8629731.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_internet_service_enabled) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md b/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md index e6814b50ead..6bec3736893 100644 --- a/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md +++ b/docs/queries/terraform-queries/tencentcloud/93bb2065-63ec-45a2-a466-f106b56f2e32.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Access Control -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_default_security_group) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md b/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md index 056f9cf9246..bb2b06fd6b8 100644 --- a/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md +++ b/docs/queries/terraform-queries/tencentcloud/966ed4f7-b8a5-4e8d-b2bf-098657c98960.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Info - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_disable_monitor_service) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md b/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md index 30bb365d63d..6611d10950a 100644 --- a/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md +++ b/docs/queries/terraform-queries/tencentcloud/a3240001-40db-47b7-abb9-2bcd6a04c430.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/vpc_flow_log_disabled) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md b/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md index a89c4049ca6..ba0a4063d2d 100644 --- a/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md +++ b/docs/queries/terraform-queries/tencentcloud/a74b4602-a62c-4a02-956a-e19f86ea24b5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_has_public_ip) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md b/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md index 1706b3400d8..ce4af0fa250 100644 --- a/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md +++ b/docs/queries/terraform-queries/tencentcloud/ada01ed1-b10c-4f2a-b110-b20fa4f9baa6.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/clb_instance_log_setting_disabled) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md b/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md index 11f514ee261..a59479acc38 100644 --- a/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md +++ b/docs/queries/terraform-queries/tencentcloud/b4e75c5c-83d5-4568-90e3-57ed5ec4051b.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 200 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cvm_instance_using_default_vpc) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md b/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md index a18ed9f8376..fff09181c68 100644 --- a/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md +++ b/docs/queries/terraform-queries/tencentcloud/ca94be07-7de3-4ae7-85ef-67e0462ec694.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Backup -- **CWE:** Ongoing +- **CWE:** 754 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/cdb_instance_without_backup_policy) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md b/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md index 938030b39d9..14f13bcff52 100644 --- a/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md +++ b/docs/queries/terraform-queries/tencentcloud/d135a36e-c474-452f-b891-76db1e6d1cd5.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Networking and Firewall -- **CWE:** Ongoing +- **CWE:** 285 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/security_group_rule_set_accepts_all_traffic) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md b/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md index 5c63ad9f973..7fd771782e6 100644 --- a/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md +++ b/docs/queries/terraform-queries/tencentcloud/df6928ed-02f4-421f-9a67-a529860dd7e7.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Medium - **Category:** Insecure Configurations -- **CWE:** Ongoing +- **CWE:** 732 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_has_public_access) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md b/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md index b24379ca6c9..6e9255809ad 100644 --- a/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md +++ b/docs/queries/terraform-queries/tencentcloud/fe08b81c-12e9-4b5e-9006-4218fca750fd.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** High - **Category:** Encryption -- **CWE:** Ongoing +- **CWE:** 284 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/clb_listener_using_insecure_protocols) ### Description diff --git a/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md b/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md index 71073d9c178..bc08aebe097 100644 --- a/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md +++ b/docs/queries/terraform-queries/tencentcloud/fe405074-7e18-40f9-9aef-024aa1d0a889.md @@ -20,7 +20,7 @@ hide: - **Platform:** Terraform - **Severity:** Low - **Category:** Observability -- **CWE:** Ongoing +- **CWE:** 778 - **URL:** [Github](https://github.com/Checkmarx/kics/tree/master/assets/queries/terraform/tencentcloud/tke_cluster_log_disabled) ### Description