{"id":2806,"date":"2013-10-03T16:30:44","date_gmt":"2013-10-03T15:30:44","guid":{"rendered":"https:\/\/dn-www.azurewebsites.net\/2013\/10\/03\/common-internal-vulnerabilities\/"},"modified":"2025-07-29T14:11:00","modified_gmt":"2025-07-29T13:11:00","slug":"common-internal-vulnerabilities","status":"publish","type":"post","link":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/","title":{"rendered":"Common Internal Vulnerabilities"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"2806\" class=\"elementor elementor-2806\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4d20ad89 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4d20ad89\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-23b9e1ba\" data-id=\"23b9e1ba\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7c49cddf elementor-widget elementor-widget-text-editor\" data-id=\"7c49cddf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">There is a perception by many organisations that their internal network is a relatively safe haven from attackers. The thought is that well configured firewall rules and regular external penetration testing of internet connections provide adequate protection for the internal network. \u201cWe are safe inside the firewall and we trust our users, so we don\u2019t need to worry so much about hardening, patching, access control and the rest\u201d is an all too familiar view.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">However, although the security of externally facing networks has improved, we have seen a rise in social engineering, client side attacks and physical intrusions into networks as a means of bypassing these external network controls. Recent high profile cases where criminals planted rogue equipment inside networks to steal money are likely to be just the tip of the iceberg. An internal network is increasingly a more appealing target for a hacker, than a highly secured external network. Once the hacker has obtained internal access, they can sit back and look for vulnerabilities, of which there is no short supply.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">For a recent seminar, I started to compile a list of common vulnerabilities found on internal networks that led to compromise of specific systems or whole networks. I started to look for common threads in the vulnerabilities Dionach had found on the numerous internal tests we have performed over the years. After spending time looking through the results of previous assignments, speaking to colleagues and drawing from my own experiences I started to realise that putting together a concise list was much harder than I thought. I started looking for examples where one vulnerability or series of vulnerabilities had led to full system, network or domain compromise. I found that I wasn\u2019t short on specific examples. Sometimes full compromises came from very simple misconfigurations or errors. Other times, a compromise came from a highly complex chain of lower risk vulnerabilities being exploited. The common factor in all tests was that numerous vulnerabilities were always present. The examples I had collected were fascinating, however, the aim of my presentation was to give an overview of common vulnerabilities. Somehow I needed to try and summarise the issues, to list the key components, or categories of some of the more serious exploits. This started to seem like a more manageable concept.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">So here it is. This is my breakdown of the key vulnerability areas that I found that lead directly to a compromise or resulted in a compromise in combination with each other.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>1. Weak \/ Default Passwords<\/strong><br \/>A close look at most internal networks reveals a significant number of weak passwords,. Everything from normal users with \u201ccomplex\u201d passwords such as \u201cPassword01\u201d and default system credentials, such as \u201ctomcat:tomcat\u201d or \u201csa:blank\u201d, through to the classic \u201ctest:test\u201d or \u201cbackupexec:backupexec\u201d domain administrator accounts. Weak passwords are a common way to easily gain unauthorised access to systems within an internal network. Whether external attacker or rogue employee, password guessing is simple!<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>2. Inappropriate Privileges<\/strong><br \/>Life is made much easier for an attacker when permissions and privileges are attributed inappropriately. Dionach often finds a high number of users in the Domain Admins group, test accounts with full administrator access, service accounts running with full privilege on the system or domain, redundant accounts that are still enabled and have access to live systems, and data that is easily accessible without appropriate control. Not keeping a good handle on privilege management leads to inappropriate access to resources.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>3. Access Control Issues \/ Information Leakage<\/strong><br \/>ess emphasis is often placed in an internal network on locking things down, hardening systems and restricting access to services and system information. The internal network is a feast of information for someone who can gain access to it. Even a quick inspection of the internal network can uncover information or credentials that can be used to compromise systems. Examples include unencrypted Excel spreadsheets listing passwords, unprotected batch files containing admin credentials, backups of databases, virtual machines or mailboxes copied \u201ctemporarily\u201d to an unsecured network share, database connection strings freely available, and more. If you look for long enough through network shares, the information is there for the taking.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>4. Inadequate Patching of Systems<\/strong><br \/>Patching is an age old problem: how to apply critical security patches to live systems in a timely manner without affecting the availability of the system. Although many organisations seem to place a good emphasis on managing operating system security updates using systems such as WSUS, many other third party software is installed and forgotten about, slowly accumulating vulnerabilities over time. Similarly with device firmware, without an adequate procedure to monitor and update firmware, the device is often installed and only revisited when there is a functionality issue with it. For as long as internal systems remain unpatched, there is a potential for them to be exploited by an internal attacker.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>5. Unsecured Workstations<\/strong><br \/>\u201cIt\u2019s only a workstation, there\u2019s nothing sensitive stored on it.\u201d is something we often hear. However, a workstation can be a key starting point to target a network. The all too familiar combination of an unencrypted Windows workstation that can be booted to alternate media such as Kali Linux gives so many possibilities to target the Windows domain or other systems. Extracting credentials from the SAM database, discovering credentials in installation files or leveraging inappropriate account privileges can often lead to full domain compromise.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\"><strong>6. Vulnerabilities in Intranet Applications<\/strong><br \/>Security testing externally available web applications is a common part of the security program of many organisations. However, internal applications are often overlooked in this process, again because the internal location is perceived as being safe. The problem with many internal applications is that not only do they often contain more vulnerabilities than their externally available counterparts, they have a number of other factors that are interesting to an attacker: they are often installed on internal domain resources, often running on servers without adequate malware protection, often running with inappropriately privileged service accounts and rarely separated from the rest of the network. For example, a SQL injection vulnerability on an internal application often leads not only to a compromise of the sensitive data held in its databases, but often to a compromise of other systems and full domain control.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">As for a list of exploits, many of the above examples can lead to system compromise on their own. However, a typical \u201csophisticated\u201d compromise of a system invariably includes many, if not all, of the categories above.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">So what can be done? Internal penetration testing will find and highlight these vulnerabilities. However, without good supporting policy and procedure, the root cause of such issues may remain and vulnerabilities will reoccur over time. ISO 27001 provides an excellent framework to put procedures in place to tackle some of these issues, for example sections A10 on Communications and operations management, and A11 on Access control. What is clear is that internal networks are not safe from hackers and companies need to recognise and act on this risk.<\/p><p style=\"margin: 0.5em 0px; color: #000000; font-family: frutiger-lt-45-light1, Verdana, Geneva, Arial, helvetica, sans-serif; font-size: 14px; line-height: 24px;\">\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Common Internal Vulnerabilities<\/p>\n","protected":false},"author":1,"featured_media":15500,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[209],"class_list":["post-2806","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-researchblog","tag-infrastructure","wpbf-post"],"contentshake_article_id":"","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Common Internal Vulnerabilities<\/title>\n<meta name=\"description\" content=\"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Common Internal Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Dionach\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/dionachcyber\" \/>\n<meta property=\"article:published_time\" content=\"2013-10-03T15:30:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-29T13:11:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1333\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Dionach Admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@dionachcyber\" \/>\n<meta name=\"twitter:site\" content=\"@dionachcyber\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dionach Admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/\"},\"author\":{\"name\":\"Dionach Admin\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#\\\/schema\\\/person\\\/e73f3537233924cf4944f7807068b3c8\"},\"headline\":\"Common Internal Vulnerabilities\",\"datePublished\":\"2013-10-03T15:30:44+00:00\",\"dateModified\":\"2025-07-29T13:11:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/\"},\"wordCount\":1161,\"publisher\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/dionach.com\\\/wp-content\\\/uploads\\\/2013\\\/10\\\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1\",\"keywords\":[\"infrastructure\"],\"articleSection\":[\"researchblog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/\",\"url\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/\",\"name\":\"Common Internal Vulnerabilities\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/dionach.com\\\/wp-content\\\/uploads\\\/2013\\\/10\\\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1\",\"datePublished\":\"2013-10-03T15:30:44+00:00\",\"dateModified\":\"2025-07-29T13:11:00+00:00\",\"description\":\"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/dionach.com\\\/wp-content\\\/uploads\\\/2013\\\/10\\\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/dionach.com\\\/wp-content\\\/uploads\\\/2013\\\/10\\\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1\",\"width\":2000,\"height\":1333},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/common-internal-vulnerabilities\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Common Internal Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#website\",\"url\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/\",\"name\":\"Dionach\",\"description\":\"Real Security in a Virtual World\",\"publisher\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#organization\",\"name\":\"Dionach\",\"url\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.dionach.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/cropped-Dionach-vertical-col-yel-nomios-black-1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.dionach.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/cropped-Dionach-vertical-col-yel-nomios-black-1.jpg\",\"width\":512,\"height\":512,\"caption\":\"Dionach\"},\"image\":{\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/dionachcyber\",\"https:\\\/\\\/x.com\\\/dionachcyber\",\"https:\\\/\\\/uk.linkedin.com\\\/company\\\/dionach-ltd\",\"https:\\\/\\\/www.instagram.com\\\/dionachcyber\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/dionach.com\\\/en-us\\\/#\\\/schema\\\/person\\\/e73f3537233924cf4944f7807068b3c8\",\"name\":\"Dionach Admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g\",\"caption\":\"Dionach Admin\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Common Internal Vulnerabilities","description":"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Common Internal Vulnerabilities","og_description":"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.","og_url":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/","og_site_name":"Dionach","article_publisher":"https:\/\/www.facebook.com\/dionachcyber","article_published_time":"2013-10-03T15:30:44+00:00","article_modified_time":"2025-07-29T13:11:00+00:00","og_image":[{"width":2000,"height":1333,"url":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","type":"image\/jpeg"}],"author":"Dionach Admin","twitter_card":"summary_large_image","twitter_creator":"@dionachcyber","twitter_site":"@dionachcyber","twitter_misc":{"Written by":"Dionach Admin","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/"},"author":{"name":"Dionach Admin","@id":"https:\/\/dionach.com\/en-us\/#\/schema\/person\/e73f3537233924cf4944f7807068b3c8"},"headline":"Common Internal Vulnerabilities","datePublished":"2013-10-03T15:30:44+00:00","dateModified":"2025-07-29T13:11:00+00:00","mainEntityOfPage":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/"},"wordCount":1161,"publisher":{"@id":"https:\/\/dionach.com\/en-us\/#organization"},"image":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","keywords":["infrastructure"],"articleSection":["researchblog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/","url":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/","name":"Common Internal Vulnerabilities","isPartOf":{"@id":"https:\/\/dionach.com\/en-us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","datePublished":"2013-10-03T15:30:44+00:00","dateModified":"2025-07-29T13:11:00+00:00","description":"Learn about common internal vulnerabilities found during security assessments and how to address them before they lead to serious breaches.","breadcrumb":{"@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#primaryimage","url":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","contentUrl":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","width":2000,"height":1333},{"@type":"BreadcrumbList","@id":"https:\/\/dionach.com\/en-us\/common-internal-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dionach.com\/en-us\/"},{"@type":"ListItem","position":2,"name":"Common Internal Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/dionach.com\/en-us\/#website","url":"https:\/\/dionach.com\/en-us\/","name":"Dionach","description":"Real Security in a Virtual World","publisher":{"@id":"https:\/\/dionach.com\/en-us\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dionach.com\/en-us\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/dionach.com\/en-us\/#organization","name":"Dionach","url":"https:\/\/dionach.com\/en-us\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dionach.com\/en-us\/#\/schema\/logo\/image\/","url":"https:\/\/www.dionach.com\/wp-content\/uploads\/2025\/02\/cropped-Dionach-vertical-col-yel-nomios-black-1.jpg","contentUrl":"https:\/\/www.dionach.com\/wp-content\/uploads\/2025\/02\/cropped-Dionach-vertical-col-yel-nomios-black-1.jpg","width":512,"height":512,"caption":"Dionach"},"image":{"@id":"https:\/\/dionach.com\/en-us\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/dionachcyber","https:\/\/x.com\/dionachcyber","https:\/\/uk.linkedin.com\/company\/dionach-ltd","https:\/\/www.instagram.com\/dionachcyber\/"]},{"@type":"Person","@id":"https:\/\/dionach.com\/en-us\/#\/schema\/person\/e73f3537233924cf4944f7807068b3c8","name":"Dionach Admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3061726a64a760303f6ea8f0976d3e8e0a6997b4da543be9a650b81584b4e79e?s=96&d=mm&r=g","caption":"Dionach Admin"}}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/dionach.com\/wp-content\/uploads\/2013\/10\/20190731183614-GettyImages-1086701238.jpeg?fit=2000%2C1333&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/ph4Ojq-Jg","_links":{"self":[{"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/posts\/2806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/comments?post=2806"}],"version-history":[{"count":0,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/posts\/2806\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/media\/15500"}],"wp:attachment":[{"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/media?parent=2806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/categories?post=2806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dionach.com\/en-us\/wp-json\/wp\/v2\/tags?post=2806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}