Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

misconfiguration

Definitions:

  An incorrect or subobtimal configuration of an information system or system component that may lead to vulnerabilities.
Sources:
NIST SP 800-128 under Misconfiguration

  An incorrect or suboptimal configuration of an information system or system component that may lead to vulnerabilities.
Sources:
NIST SP 800-128

  A setting within a computer program that violates a configuration policy or that permits or causes unintended behavior that impacts the security posture of a system. CCE can be used for enumerating misconfigurations. NOTE: NIST generally defines vulnerability as including both software flaws and configuration issues [misconfigurations]. For the purposes of the validation program and dependent procurement language, the SCAP Validation program is defining vulnerability and misconfiguration as two separate entities, with “vulnerability” referring strictly to software flaws.
Sources:
NISTIR 7511 Rev. 4 under Misconfiguration