Vulnerability in ERP Platform | Exam CAS-003 | CompTIA CASP+

Identifying Vulnerabilities in ERP Platform

Question

An internal staff member logs into an ERP platform and clicks on a record.

The browser URL changes to: http://192.168.0.100/ERP/accountId=5&action=SELECT

Which of the following is the MOST likely vulnerability in this ERP platform?

Answers

Explanations



C.

The URL provided in the question shows that an internal staff member has logged into an ERP (Enterprise Resource Planning) platform and clicked on a record. The URL carries two parameters, accountId=5 and action=SELECT, so the record is selected purely by a numeric identifier supplied by the client. The vulnerability MOST likely present in this ERP platform is therefore an insecure direct object reference.

Insecure direct object reference (IDOR) is a type of security vulnerability that arises when an application uses an identifier to retrieve an object or resource, and the application does not properly verify whether the user is authorized to access that object or resource. In other words, it is possible for a user to manipulate the identifier and access data or functionality that they should not have access to.

In this case, the URL contains the account ID parameter, which likely identifies the record that the user is attempting to access. If the application does not properly verify that the user is authorized to access that record, an attacker could manipulate the account ID parameter in the URL and access other records they are not authorized to view.
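As an added illustration, not taken from the exam or the original page, the following Python sketch models the record lookup the URL implies: one version trusts accountId alone (the IDOR flaw), the other binds the identifier to the authenticated user. The ACCOUNTS table, the usernames and the function names are constructed for this example.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample data standing in for the ERP's account table:
# record id -> (owner username, record contents).
ACCOUNTS = {
    5: ("alice", "Alice's payroll record"),
    6: ("bob", "Bob's payroll record"),
}

class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested record."""

def parse_request(url):
    """Extract accountId and action from a URL shaped like the one in the question.
    That URL has no '?', so when urlsplit finds no query string the parameters are
    read from the last path segment (an assumption made for this example)."""
    parts = urlsplit(url)
    query = parts.query or parts.path.rsplit("/", 1)[-1]
    params = parse_qs(query)
    return int(params["accountId"][0]), params.get("action", ["SELECT"])[0]

def select_record_vulnerable(url, current_user):
    """IDOR: the client-supplied id alone selects the record; current_user is ignored."""
    account_id, _action = parse_request(url)
    return ACCOUNTS[account_id][1]

def select_record_hardened(url, current_user):
    """Fix: resolve the id, then verify the authenticated user actually owns it."""
    account_id, _action = parse_request(url)
    owner, contents = ACCOUNTS.get(account_id, (None, None))
    if owner != current_user:
        # Same failure for 'not found' and 'not yours', so ids cannot be enumerated.
        raise Forbidden(f"user {current_user!r} may not access account {account_id}")
    return contents

if __name__ == "__main__":
    other = "http://192.168.0.100/ERP/accountId=6&action=SELECT"
    print(select_record_vulnerable(other, "alice"))  # leaks Bob's record
    try:
        select_record_hardened(other, "alice")
    except Forbidden as exc:
        print("blocked:", exc)
```

The hardened version is the ownership check the explanation says the platform is missing; the same pattern applies to any action (SELECT, UPDATE, DELETE) keyed by a client-supplied identifier.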

The other answer options can be eliminated as follows:

  • Brute forcing of account credentials: This involves guessing a user's password by repeatedly trying different combinations until the correct one is found. The question describes a legitimate, already authenticated staff member and gives no indication of repeated login attempts.
  • Plain-text credentials transmitted over the Internet: This refers to sending passwords or other sensitive information without encryption, where it can be intercepted. The scenario involves an internal address (192.168.0.100) and says nothing about how credentials were transmitted.
  • SQL injection of ERP back end: This involves supplying crafted input that alters the SQL queries the application sends to its back-end database in order to reach sensitive data. The URL in the question contains only an ordinary numeric identifier and an action keyword, not injected SQL.

Therefore, the MOST likely vulnerability in this ERP platform is an insecure direct object reference.