diff --git a/ThreatDragonModels/demo-threat-model.json b/ThreatDragonModels/demo-threat-model.json index 0ccc14889..11837a298 100644 --- a/ThreatDragonModels/demo-threat-model.json +++ b/ThreatDragonModels/demo-threat-model.json @@ -88,7 +88,7 @@ { "status": "Open", "severity": "Medium", - "description": "An attacker could obtain the DB credentials ans use them to make unauthorised queries.", + "description": "An attacker could obtain the DB credentials and use them to make unauthorised queries.", "title": "Credential theft", "type": "Information disclosure", "mitigation": "Use a firewall to restrict access to the DB to only the Background Worker IP address." @@ -133,7 +133,7 @@ "severity": "High", "title": "Credentials should be encrypted", "type": "Information disclosure", - "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", + "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", "mitigation": "The Message Queue credentials should be encrypted." } ], diff --git a/ThreatDragonModels/v2-threat-model.json b/ThreatDragonModels/v2-threat-model.json index 585a4fd70..1db0b61ed 100644 --- a/ThreatDragonModels/v2-threat-model.json +++ b/ThreatDragonModels/v2-threat-model.json @@ -118,7 +118,7 @@ { "status": "Open", "severity": "Medium", - "description": "An attacker could obtain the DB credentials ans use them to make unauthorised queries.", + "description": "An attacker could obtain the DB credentials and use them to make unauthorised queries.", "title": "Credential theft", "type": "Information disclosure", "mitigation": "Use a firewall to restrict access to the DB to only the Background Worker IP address.", @@ -173,7 +173,7 @@ "severity": "High", "title": "Credentials should be encrypted", "type": "Information disclosure", - "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", + "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", "mitigation": "The Message Queue credentials should be encrypted.", "modelType": "STRIDE", "id": "aaea0238-2984-4b25-8268-3798e63bed34" diff --git a/td.vue/src/service/demo/demo-threat-model.js b/td.vue/src/service/demo/demo-threat-model.js index 66a71941d..dd7585348 100644 --- a/td.vue/src/service/demo/demo-threat-model.js +++ b/td.vue/src/service/demo/demo-threat-model.js @@ -89,7 +89,7 @@ export default { { 'status': 'Open', 'severity': 'Medium', - 'description': 'An attacker could obtain the DB credentials ans use them to make unauthorised queries.', + 'description': 'An attacker could obtain the DB credentials and use them to make unauthorised queries.', 'title': 'Credential theft', 'type': 'Information disclosure', 'mitigation': 'Use a firewall to restrict access to the DB to only the Background Worker IP address.' @@ -134,7 +134,7 @@ export default { 'severity': 'High', 'title': 'Credentials should be encrypted', 'type': 'Information disclosure', - 'description': 'The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.', + 'description': 'The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.', 'mitigation': 'The Message Queue credentials should be encrypted.' } ], diff --git a/td.vue/src/service/demo/v2-threat-model.js b/td.vue/src/service/demo/v2-threat-model.js index 8fd7a1847..2c817963e 100644 --- a/td.vue/src/service/demo/v2-threat-model.js +++ b/td.vue/src/service/demo/v2-threat-model.js @@ -118,7 +118,7 @@ export default { { 'status': 'Open', 'severity': 'Medium', - 'description': 'An attacker could obtain the DB credentials ans use them to make unauthorised queries.', + 'description': 'An attacker could obtain the DB credentials and use them to make unauthorised queries.', 'title': 'Credential theft', 'type': 'Information disclosure', 'mitigation': 'Use a firewall to restrict access to the DB to only the Background Worker IP address.', @@ -173,7 +173,7 @@ export default { 'severity': 'High', 'title': 'Credentials should be encrypted', 'type': 'Information disclosure', - 'description': 'The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.', + 'description': 'The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.', 'mitigation': 'The Message Queue credentials should be encrypted.', 'modelType': 'STRIDE', 'id': 'aaea0238-2984-4b25-8268-3798e63bed34' diff --git a/td.vue/tests/e2e/fixtures/v1-model.json b/td.vue/tests/e2e/fixtures/v1-model.json index 42669c462..8bb570012 100644 --- a/td.vue/tests/e2e/fixtures/v1-model.json +++ b/td.vue/tests/e2e/fixtures/v1-model.json @@ -88,7 +88,7 @@ { "status": "Open", "severity": "Medium", - "description": "An attacker could obtain the DB credentials ans use them to make unauthorised queries.", + "description": "An attacker could obtain the DB credentials and use them to make unauthorised queries.", "title": "Credential theft", "type": "Information disclosure", "mitigation": "Use a firewall to restrict access to the DB to only the Background Worker IP address." @@ -133,7 +133,7 @@ "severity": "High", "title": "Credentials should be encrypted", "type": "Information disclosure", - "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", + "description": "The Web Application Config stores credentials used by the Web App to access the message queue. These could be stolen by an attacker and used to read confidential data or place poison message on the queue.", "mitigation": "The Message Queue credentials should be encrypted." } ],