Mobile Threat Catalogue

Compromised Backend Server

Contribute

Threat Category: Vulnerable Applications

ID: APP-9

Threat Description: If an app exchanges data with a compromised back-end server, it may be vulnerable to exploitation from what may be treated as a trusted system. This may provide an attacker with unauthorized access to sensitive user data or remote control over app behavior or content.

Threat Origin

Not Applicable, See Exploit or CVE Examples

Exploit Examples

Not Applicable

CVE Examples

Possible Countermeasures

Mobile App Developer

Follow best practices for server security, for example as described in https://www.owasp.org/index.php/Mobile_Top_10_2014-M1

References