LAB 324 ATT&CK: Exploiting Java Web Application Server Misconfiguration (NEW)
Course Number: LAB 324
Course Duration: 12 minutes
Course CPE Credits: 0.25
Related Learning Paths
Foreign Languages Available:
This lab simulates a Security Misconfiguration vulnerability found in the AccountAll Cyber Range. The challenge includes an HR Back Office System that fails to implement the security principle of “Establish Secure Defaults”.
Leveraging a virtual machine, participants will analyze code to identify and mitigate instances of “Misconfiguration of default credentials”.
The objective of this lab is to apply ATT&CK Techniques T1190 Exploit Public-Facing Application” and “T1133 External Remote Services”.