Severity Levels

How CodeWall rates the severity of discovered vulnerabilities.

CodeWall assigns severity levels based on the potential impact and exploitability of each vulnerability, aligned with industry standards.

Severity scale

Critical

Vulnerabilities that can be exploited remotely with no authentication and lead to full system compromise, data breach, or complete loss of confidentiality, integrity, or availability.

Examples: Remote code execution, SQL injection with admin access, authentication bypass.

High

Vulnerabilities with significant impact that require minimal conditions to exploit.

Examples: Stored XSS in admin panels, privilege escalation, IDOR exposing sensitive data.

Medium

Vulnerabilities that have moderate impact or that require specific conditions to exploit.

Examples: CSRF on sensitive actions, information disclosure of internal paths, missing security headers.

Low

Vulnerabilities that have limited impact or that require significant preconditions to exploit.

Examples: Verbose error messages, minor information leakage, outdated but unexploitable software versions.

Informational

Observations that are not directly exploitable but may indicate areas for improvement.

Examples: Missing best-practice headers, software version disclosure, directory listing on non-sensitive paths.