Generic Map Nomatch

By
Rejah Rehim
Published on
02 Apr 2022
Vulnerability

Generic Map Nomatch is an identifier used by many products, services and databases to specify if a vulnerable doesn’t map to its CVE. This can be due to:-

  • Non-existing public CVE
  • The element might not match criteria for CVE
  • The developer has not mapped the bug yet

Virtual Programming’s VP-ASP Shopping Cart Default Configuration May Disclose Internal Database to Remote Users. This information includes user details, credit card details etc.

Impact

The impact include:-

  • Possible data breach
  • Possible leakage and/or manipulation of sensitive information

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Making sure that the web server does not send out response headers that reveal information about the backend technology type or version.
  • Making sure that all the services running on the server’s open ports do not reveal information about their builds and versions.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Rejah Rehim
Rejah Rehim
Co-founder, Director
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.