Security misconfiguration is the implementation of improper security controls, such as for servers or application configurations, network devices, etc. that may lead to security vulnerabilities. For example, insecure configuration of web applications could lead to numerous security flaws including: Incorrect folder permissions