Security Misconfiguration

Security misconfiguration is one of the most common and easily exploitable vulnerability classes. It occurs when security settings are not defined, implemented, or maintained correctly. Unlike code-level bugs, misconfiguration issues affect the infrastructure, platform, and deployment of an application.

What is Security Misconfiguration?

Security misconfiguration covers a broad range of issues:

Default credentials left in place
Unnecessary features, services, or ports enabled
Error handling that reveals stack traces or internal details
Missing or misconfigured security headers
Unpatched software
Overly permissive cloud storage permissions
Verbose logging in production

Common Misconfiguration Categories

1. Default Credentials

Many platforms, databases, and admin panels ship with default usernames and passwords:

Platform	Default Credentials
Apache Tomcat Manager	admin/admin or tomcat/tomcat
phpMyAdmin	root/(blank)
Jenkins	admin/(auto-generated but often unchanged)
MongoDB	No authentication by default
Elasticsearch	No authentication by default (pre-8.x)
Default routers	admin/admin or admin/password

Action: Change all default credentials before deployment. Better yet, disable default accounts entirely.

Security Misconfiguration

Security Misconfiguration

What is Security Misconfiguration?

Common Misconfiguration Categories

1. Default Credentials

2. Debug Mode in Production

More in Cybersecurity