The vulnerabilities found during the audit are typically classified into different categories which helps to understand the nature of the vulnerability, potential impact/severity, impacted project components/functionality and exploit scenarios.
Trail of Bits, for example, uses the below classification:
- Access Controls: Related to authorization of users and assessment of rights
- Auditing and Logging: Related to auditing of actions or logging of problems
- Authentication: Related to the identification of users
- Configuration: Related to security configurations of servers, devices or software
- Cryptography: Related to protecting the privacy or integrity of data
- Data Exposure: Related to unintended exposure of sensitive information
- Data Validation: Related to improper reliance on the structure or values of data
- Denial of Service: Related to causing system failure
- Error Reporting: Related to the reporting of error conditions in a secure fashion
- Patching: Related to keeping software up to date
- Session Management: Related to the identification of authenticated users
- Timing: Related to race conditions, locking or order of operations
- Undefined Behavior: Related to undefined behavior triggered by the program
- Access Contorl
- Auditing/Logging
- Authentication
- Configuration
- Cryptography
- Data Exposure
- Data Validation
- Denial-of-Service
- Error Reporting
- Patching
- Session Management
- Timing