Type of Results/Alerts Covered
The DAST engine includes passive and active scan rules, which find specific vulnerabilities.
DAST currently covers the following types of alerts:
| Id | Alert | Severity | Type |
|---|---|---|---|
|  |  | Medium | Active |
|  |  | Low | Passive |
|  |  |  | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  |  | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Medium | Passive |
|  |  | Low | Passive |
|  |  | Low | Passive |
|  |  | Informational | Passive |
|  |  | Low | Passive |
|  |  | Informational | Passive |
|  |  |  | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Low | Passive |
|  |  | Low | Passive |
|  |  | Informational | Passive |
|  | Information Disclosure - Sensitive Information in HTTP Referrer Header | Informational | Passive |
|  |  | Informational | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Low | Passive |
|  |  | High | Passive |
|  |  | High | Passive |
|  |  | Informational | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  | Server Leaks its Webserver Application via 'Server' HTTP Response Header Field | Informational | Passive |
|  | Server Leaks Version Information via 'Server' HTTP Response Header Field | Low | Passive |
|  | Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s) | Low | Passive |
|  |  |  | Passive |
|  |  | Medium | Passive |
|  |  | Informational | Passive |
|  |  | Informational | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  | Big Redirect Detected (Potential Sensitive Information Leak) |  | Passive |
|  |  | High | Active |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  | Low | Passive |
|  |  |  | Passive |
|  |  | Low | Passive |
|  |  | Low | Passive |
|  |  | Low | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Medium | Passive |
|  |  | Informational | Passive |
|  |  | Low | Passive |
|  |  | Informational | Passive |
|  |  | Informational | Active |
|  |  | Low | Passive |
|  |  | High | Passive |
|  |  | Low | Passive |
|  |  |  | Passive |
|  |  | Medium | Passive |
|  |  | Informational | Active |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  |  | Passive |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  |  | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Informational | Active |
|  |  | Informational | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Active |
|  |  | Medium | Passive |
|  |  | Informational | Passive |
|  |  | Medium | Active |
|  |  |  | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Medium | Passive |
|  |  | High | Active |
|  |  | High | Active |
|  |  | Informational | Passive |
|  |  | High | Active |
|  |  | Medium | WebSocket Passive |
|  |  | Informational | WebSocket Passive |
|  |  | Low | WebSocket Passive |
|  |  | Informational | WebSocket Passive |
|  |  | High | WebSocket Passive |
|  |  | Low | WebSocket Passive |
|  |  | Informational | WebSocket Passive |
|  | Information Disclosure - Suspicious Comments in XML via WebSocket | Informational | WebSocket Passive |