Table of contents
3. The difference between bugs and vulnerabilities
2. What is a Web vulnerability?
1. What is a vulnerability?
1. Official definition
Vulnerability is a flaw in the specific implementation of hardware, software, protocol or system security policy, which allows attackers to access and operate without authorization, and this flaw is called a loophole
2. Basic understanding
Vulnerabilities are certain types of problems that occur in various stages of the life cycle (design, implementation, operation and maintenance, etc.) of hardware, software, and protocols. These problems will affect the security of the system (confidentiality, integrity, availability), thereby form a loophole
3. The difference between bugs and vulnerabilities
Some people often think that a bug is a loophole. In fact, it is not the same. A loophole and a bug are not the same. They are two concepts. Their relationship can be understood as: most bugs affect functionality, but do not involve security, that is, they do not constitute a loophole. ; Most of the vulnerabilities come from bugs, but not all of them come from bugs. It can be said that there is a great intersection between them
2. What is a Web vulnerability?
Web vulnerabilities refer to the security holes of web applications, which means that attackers can easily obtain the control authority of web application systems and servers, so as to carry out destructive activities such as webpage tampering and data theft, etc.