Updating IDOR's (#435)

* Updating IDOR's

From:
P1 – Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Read/Edit/Delete Sensitive Information/Iterable Object Identifiers
P2 – Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Edit/Delete Sensitive Information/Iterable Object Identifiers
P3 – Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Read Sensitive Information/Iterable Object Identifiers
P4 – Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Read/Edit/Delete Sensitive Information/Complex Object Identifiers(GUID)
P5 – Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Read/Edit/Delete Non-Sensitive Information

To:
P1 -  Broken Access Control (BAC) > Insecure Direct Object References (IDOR) >  Modify/View Sensitive Information(Iterable Object Identifiers)
P2  - Broken Access Control (BAC) > Insecure Direct Object References (IDOR) >  Modify Sensitive Information(Iterable Object Identifiers)
P3  - Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > View Sensitive Information(Iterable Object Identifiers)
P4  - Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > Modify/View Sensitive Information(Complex Object Identifiers GUID/UUID)
P5  - Broken Access Control (BAC) > Insecure Direct Object References (IDOR) > View Non-Sensitive Information

* Additional Files

* Rebase changes

---------

Co-authored-by: Abhinav Nain <[email protected]>

Author: TimmyBugcrowd

deprecated-node-mapping.json

@@ -238,5 +238,20 @@
   },
   "server_security_misconfiguration.misconfigured_dns.subdomain_takeover": {
     "1.14.1": "server_security_misconfiguration.misconfigured_dns.basic_subdomain_takeover"
+  },
+  "broken_access_control.idor.view_non_sensitive_information": {
+    "1.14.2": "broken_access_control.idor.read_edit_delete_non_sensitive_information"
+  },
+  "broken_access_control.idor.modify_view_sensitive_information_guid": {
+    "1.14.2": "broken_access_control.idor.read_edit_delete_sensitive_information_guid"
+  },
+  "broken_access_control.idor.view_sensitive_information_iterable_object_identifiers": {
+    "1.14.2": "broken_access_control.idor.read_sensitive_information_iterable_object_identifiers"
+  },
+  "broken_access_control.idor.modify_sensitive_information_iterable_object_identifiers": {
+    "1.14.2": "broken_access_control.idor.edit_delete_sensitive_information_iterable_object_identifiers"
+  },
+  "broken_access_control.idor.modify_view_sensitive_information_iterable_object_identifiers": {
+    "1.14.2": "broken_access_control.idor.read_edit_delete_sensitive_information_iterable_object_identifiers"
   }
 }

third-party-mappings/remediation_training/secure-code-warrior-links.json

@@ -62,11 +62,11 @@
   "broken_access_control.exposed_sensitive_android_intent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_android_intent&redirect=true",
   "broken_access_control.exposed_sensitive_ios_url_scheme": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_ios_url_scheme&redirect=true",
   "broken_access_control.idor": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:idor&redirect=true",
-  "broken_access_control.idor.edit_delete_sensitive_information_iterable_object_identifiers": null,
-  "broken_access_control.idor.read_edit_delete_non_sensitive_information": null,
-  "broken_access_control.idor.read_edit_delete_sensitive_information_guid": null,
-  "broken_access_control.idor.read_edit_delete_sensitive_information_iterable_object_identifiers": null,
-  "broken_access_control.idor.read_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.modify_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.modify_view_sensitive_information_guid": null,
+  "broken_access_control.idor.modify_view_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.view_non_sensitive_information": null,
+  "broken_access_control.idor.view_sensitive_information_iterable_object_identifiers": null,
   "broken_access_control.privilege_escalation": null,
   "broken_access_control.username_enumeration": null,
   "broken_access_control.username_enumeration.non_brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:username_enumeration:non_brute_force&redirect=true",

vulnerability-rating-taxonomy.json

@@ -396,32 +396,32 @@
           "type": "subcategory",
           "children": [
             {
-              "id": "edit_delete_sensitive_information_iterable_object_identifiers",
-              "name": "Edit/Delete Sensitive Information/Iterable Object Identifiers",
+              "id": "modify_sensitive_information_iterable_object_identifiers",
+              "name": "Modify Sensitive Information(Iterable Object Identifiers)",
               "type": "variant",
               "priority": 2
             },
             {
-              "id": "read_edit_delete_non_sensitive_information",
-              "name": "Read/Edit/Delete Non-Sensitive Information",
+              "id": "modify_view_sensitive_information_guid",
+              "name": "Modify/View Sensitive Information(Complex Object Identifiers GUID/UUID)",
               "type": "variant",
-              "priority": 5
+              "priority": 4
             },
             {
-              "id": "read_edit_delete_sensitive_information_guid",
-              "name": "Read/Edit/Delete Sensitive Information/Complex Object Identifiers(GUID)",
+              "id": "modify_view_sensitive_information_iterable_object_identifiers",
+              "name": "Modify/View Sensitive Information(Iterable Object Identifiers)",
               "type": "variant",
-              "priority": 4
+              "priority": 1
             },
             {
-              "id": "read_edit_delete_sensitive_information_iterable_object_identifiers",
-              "name": "Read/Edit/Delete Sensitive Information/Iterable Object Identifiers",
+              "id": "view_non_sensitive_information",
+              "name": "View Non-Sensitive Information",
               "type": "variant",
-              "priority": 1
+              "priority": 5
             },
             {
-              "id": "read_sensitive_information_iterable_object_identifiers",
-              "name": "Read Sensitive Information/Iterable Object Identifiers",
+              "id": "view_sensitive_information_iterable_object_identifiers",
+              "name": "View Sensitive Information(Iterable Object Identifiers)",
               "type": "variant",
               "priority": 3
             }