V-222609
Application Security and Development Security Technical Implementation Guide
Title
The application must not be subject to input handling vulnerabilities.
Description
A common application vulnerability is unpredictable behavior due to improper input validation. This requirement guards against adverse or unintended system behavior caused by invalid inputs, where information system responses to the invalid input may be disruptive or cause the system to fail into an unsafe state. Data received from the user should always be suspected as being malicious and always validated prior to using it as input to the application. Some examples of input me...
Fix Text (Documentation Requirement)
Follow best practice when accepting user input and verify that all input is validated before the application processes the input. Remediate identified vulnerabilities and obtain documented risk acceptance for those issues that cannot be remediated immediately.