The Cloud computing is a powerful tool to optimize the cost in terms of hardware, controllable, utility to sharing the data, due to abovementioned features most of the organization switching their applications and services on the cloud. Cloud services offer secure and scalable services, but there is always some security problem when data have transmitted from a central storage server to a different cloud, personal and private data commitment increase risk of data confidentiality, integrity, availability, and authentication before one choose a vendor in the cloud or choose the cloud and move services in the cloud. This paper aims to resolve issues and provide the countermeasures relating to security issues in clouds based web applications. The vulnerability scores, its impact on confidentiality, integrity, availability, access complexity, and risk on assets calculated, and it observed most of the vulnerabilities identified during the scanning are related to security due to mis-configurations of web servers. The results analyzed for the vulnerability scores, vulnerabilities impact on confidentiality, integrity, availability, access complexity, and risk are analyzed description, and risk assessment. The countermeasures for each vulnerability based on the experimental results discussed.

由于大多数组织在云上切换其应用程序和服务的上述功能，因此云计算是一种功能强大的工具，可在硬件，可控，共享数据的实用程序方面优化成本。云服务提供了安全且可扩展的服务，但是当数据从中央存储服务器传输到另一台云时，总是存在一些安全问题，个人和私有数据承诺会增加数据机密性，完整性，可用性和身份验证的风险，然后再选择一项。云中的供应商或选择云并在云中移动服务。本文旨在解决问题并提供与基于云的Web应用程序中的安全性问题相关的对策。漏洞得分，其对机密性，完整性，可用性，访问复杂性的影响，以及计算的资产风险，并且它观察到扫描期间发现的大多数漏洞都与由于Web服务器配置错误而引起的安全性有关。针对漏洞评分，漏洞对机密性，完整性，可用性，访问复杂性和风险的影响进行分析的结果进行了分析描述和风险评估。根据讨论的实验结果，针对每个漏洞的对策。