A company sells products through its webpage. An attacker finds a way to inject commands into their website and retrieve information. The company stores its data unencrypted and uses a weak password for the main server. The company lost major customers’ information due to a hacking incident. Define and identify the threat, vulnerability, and impact in this scenario.
In this scenario, the threat comes from the hacking attack that occurred by injecting commands into the website. The vulnerability comes from the company’s weak security preparedness, reflected in the main server’s weak password and the lack of data encryption. The impact of the scenario can be divided into short-term...