|
Insecure Quota configuration
|
High |
Step |
Code Quality
Data Validation |
CWE-770
|
|
Proxy doesn't have default flow
|
High |
Proxy |
Code Quality
Data Validation |
CWE-20
|
|
Condition has undefined variables
|
Medium |
Step
RouteRule
Flow |
Code Quality |
CWE-570
CWE-571
|
|
Insecure JSONThreatProtection policy
|
Medium |
JSONThreatProtection |
Code Quality
Data Validation |
CWE-770
CWE-20
|
|
MatchesPath is applied to a static parameter
|
Medium |
Target
Proxy |
Code Quality
Data Validation |
CWE-20
|
|
No SpikeArrest policy is applied
|
Medium |
Proxy |
Code Quality
DoS Protection |
CWE-770
|
|
ServiceCallout policy uses default message object as a request
|
Medium |
ServiceCallout |
Code Quality |
CWE-200
|
|
ServiceCallout policy uses default message object as a response
|
Medium |
ServiceCallout |
Code Quality |
CWE-200
|
|
Unreachable Flow
|
Medium |
Proxy |
Code Quality |
CWE-561
|
|
Unreachable RouteRule
|
Medium |
Proxy |
Code Quality |
CWE-561
|
|
Cache lookup variable is overwritten
|
Low |
Step |
Code Quality |
CWE-472
|
|
No mask configuration for the proxy
|
Low |
Proxy |
Code Quality |
|
|
Overcomplicated or malformed condition
|
Low |
Step
RouteRule
Flow |
Code Quality |
CWE-570
CWE-571
|
|
Sharedflow has not beeing scanned by CodeSent
|
Low |
FlowCallout |
Code Quality |
|
|
Step operates undefined flow variables
|
Low |
Step |
Code Quality |
CWE-457
|
|
Policy is not linked to step
|
Info |
Proxy |
Code Quality |
CWE-561
|
|
Resource is not linked to a policy
|
Info |
Proxy |
Code Quality |
CWE-561
|
|
Unused flow variables
|
Info |
Step |
Code Quality |
CWE-563
|