🔥 3-day streak
CompTIA CySA+ (CS0-003)112 / 147
Question 112 of 147

A vulnerability analyst confirms a critical SQL injection flaw in a customer-facing web application. The scan report includes the affected URL, the CWE classification, and a recommended remediation. When the analyst tries to assign the finding for remediation, there is confusion: the infrastructure team says the OS is fully patched, the DevOps team says they only manage the CI/CD pipeline, and the application development team says they were never notified of scan results. Which underlying vulnerability management weakness is MOST directly responsible for this breakdown?

Reviewed for accuracy · Report an issueNext question