Critical-risk tools in Bexio
34 of the 276 tools in Bexio are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
cancel_invoiceDestructiveCancel an invoice
-
delete_absenceDestructiveDelete an absence record. Requires Bexio Payroll module subscription.
-
delete_additional_addressDestructiveDelete an additional address from a contact
-
delete_billDestructiveDelete a bill (creditor invoice)
-
delete_contactDestructiveDelete a contact (soft delete -- moves to trash). Use restore_contact to recover.
-
delete_contact_groupDestructiveDelete a contact group by ID
-
delete_contact_relationDestructiveDelete a contact relation
-
delete_countryDestructiveDelete a country by ID
-
delete_currencyDestructiveDelete a currency by ID. Cannot delete currencies in use by documents.
-
delete_expenseDestructiveDelete an expense
-
delete_fictional_userDestructiveDelete a fictional user
-
delete_fileDestructiveDelete a file from Bexio
-
delete_invoiceDestructiveDelete an invoice
-
delete_itemDestructiveDelete an item
-
delete_manual_entryDestructiveDelete a manual entry
-
delete_milestoneDestructiveDelete a milestone from a project in Bexio
-
delete_noteDestructiveDelete a note by ID
-
delete_orderDestructiveDelete an order
-
delete_order_repetitionDestructiveDelete repetition settings for an order
-
delete_outgoing_paymentDestructiveDelete an outgoing payment
-
delete_paymentDestructiveDelete a payment
-
delete_projectDestructiveDelete a project from Bexio by ID. Consider using archive_project instead for data retention.
-
delete_purchase_orderDestructiveDelete a purchase order
-
delete_quoteDestructiveDelete a quote
-
delete_reminderDestructiveDelete a reminder
-
delete_salutationDestructiveDelete a salutation by ID
-
delete_taskDestructiveDelete a task by ID
-
delete_timesheetDestructiveDelete a timesheet entry by ID
-
delete_titleDestructiveDelete a title by ID
-
delete_unitDestructiveDelete a unit by ID
-
delete_work_packageDestructiveDelete a work package from a project in Bexio
-
create_paymentFinancialCreate a new payment for an invoice
-
create_payment_typeFinancialCreate a new payment type for invoices and payments
-
send_invoiceFinancialSend an invoice
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.