ServiceCallout Proxy
Name Severity Scopes Tags Links
Unreachable RouteRule Medium Proxy Code Quality CWE-561
Unreachable Flow Medium Proxy Code Quality CWE-561
ServiceCallout policy uses default message object as a response Medium ServiceCallout Code Quality CWE-200
ServiceCallout policy uses default message object as a request Medium ServiceCallout Code Quality CWE-200
Resource is not linked to a policy Info Proxy Code Quality CWE-561
Proxy doesn't have default flow High Proxy Code Quality Data Validation CWE-20
Policy is not linked to step Info Proxy Code Quality CWE-561
No mask configuration for the proxy Low Proxy Code Quality
No TLS protocol specified in connection definition High ServiceCallout MessageLogging Target Data in Transit CWE-327
No SpikeArrest policy is applied Medium Proxy Code Quality DoS Protection CWE-770
Missing security headers Low Proxy Secure Configuration CWE-523
Missing API versioning Info Proxy Secure Configuration CWE-710
MatchesPath is applied to a static parameter Medium Target Proxy Code Quality Data Validation CWE-20
Lack of certificate validation Critical ServiceCallout MessageLogging Target Data in Transit CWE-295
Lack of DefaultFaultRule Medium Target Proxy Error Handling CWE-390
Connection to the system is not encrypted Critical ServiceCallout MessageLogging Target Data in Transit CWE-319
Authorization header is not removed before the request is sent to target system High Proxy Data in Transit CWE-201
API Key is not removed before the request is sent to target system High Proxy Data in Transit CWE-201