ServiceCallout Target AssignMessage
Name Scopes Tags Links
Critical
Connection to the system is not encrypted ServiceCallout MessageLogging Target Data in Transit CWE-319
Lack of certificate validation ServiceCallout MessageLogging Target Data in Transit CWE-295
High
AssignMessage request parameters pollution AssignMessage Data Validation CWE-20
No TLS protocol specified in connection definition ServiceCallout MessageLogging Target Data in Transit CWE-327
Use of weak hash algorithms AssignMessage HMAC JavaScript Secure Configuration CWE-327
Medium
Lack of DefaultFaultRule Target Proxy Error Handling CWE-390
MatchesPath is applied to a static parameter Target Proxy Code Quality Data Validation CWE-20
ServiceCallout policy uses default message object as a request ServiceCallout Code Quality CWE-200
ServiceCallout policy uses default message object as a response ServiceCallout Code Quality CWE-200
Unreachable FaultRule Target Proxy Code Quality CWE-561
Unreachable Flow Target Proxy Code Quality CWE-561