0

Refer to the seven security areas outlined in the Vulnerability Assessment Process Flow Diagram. Use what you’ve learned in steps 1 and 2 to guide your manual review. Identify all vulnerabilities in the Project One Code Base, linked in Supporting Materials, by manually inspecting the code. Document your findings in your vulnerability assessment report. Be sure to include a description that identifies where the vulnerabilities are found (specific class file, if applicable). Vulnerability Process Flow Diagram

@SpringBootApplication
public class RestServiceApplication {

   public static void main(String[] args) {
      SpringApplication.run(RestServiceApplication.class, args);
   }

}

public class myDateTime {
   int mySecond;
   int myMinute;
   int myHour;
   
   int[] retrieveDateTime() {
      /* implement accessor method */
      return new int[3];
   }
   
   void setMyDateTime(int seconds, int minutes, int hour) {
      /* implement accessor method */
   }
   

}

@RestController
public class GreetingController {

   private static final String template = "Hello, %s!";
   private final AtomicLong counter = new AtomicLong();

   @GetMapping("/greeting")
   public Greeting greeting(@RequestParam(value = "name", defaultValue = "World") String name) {
      return new Greeting(counter.incrementAndGet(), String.format(template, name));
   }
   
}

public class Greeting {
   private final long id;
   private final String content;

   public Greeting(long id, String content) {
      this.id = id;
      this.content = content;
   }

   public long getId() {
      return id;
   }

   public String getContent() {
      return content;
   }
}

public class customer {
   private int account_number;
    int account_balance;

    public int showInfo() {
        //code to show customer information 
       return this.account_number;
    }

    public void deposit(int a) {
            account_balance = account_balance + a;
    }
}

@RestController

public class CRUDController {


    @RequestMapping("/read")
    public CRUD CRUD(@RequestParam(value="business_name") String name) {
        DocData doc = new DocData();
        
        return new CRUD(doc.toString());
    }

}

public class CRUD {
   private final String content;
    private final String content2;

    public CRUD(String content) {
        this.content = content;
        this.content2 = content;
    }

    public CRUD(String content1, String content2) {
        this.content = content1;
        this.content2 = content2;
    }

    public String getContent() {
        return content;
    }

    public String getContent2() {
        return content2;
    }

}

Honestly, I am just confused about what I am doing and looking for in the code for it to be classified as a vulnerability. Anything helps, thanks.

Premsanity
  • 1
  • 4

0 Answers0