Generic Map Nomatch
OWASP 2013-A5 OWASP 2017-A6 OWASP 2021-A5 OWASP PC-C3 CWE-119 WASC-13
Generic Map Nomatch is an identifier used by many products, services and databases to specify if a vulnerable doesn’t map to its CVE. This can be due to:-
- Non-existing public CVE
- The element might not match criteria for CVE
- The developer has not mapped the bug yet
Virtual Programming’s VP-ASP Shopping Cart Default Configuration May Disclose Internal Database to Remote Users. This information includes user details, credit card details etc.
Impact
The impact include:-
- Possible data breach
- Possible leakage and/or manipulation of sensitive information
Mitigation / Precaution
This vulnerability can be fixed by:-
- Making sure that the web server does not send out response headers that reveal information about the backend technology type or version.
- Making sure that all the services running on the server’s open ports do not reveal information about their builds and versions.
Check your website security today and
identify vulnerabilities before hackers exploit them.