What is one outcome when an application has not addressed known vulnerabilities?

When an application has not addressed known vulnerabilities, the outcome is an increased likelihood of an exploit. This is primarily because unpatched vulnerabilities can be exploited by attackers to gain unauthorized access, execute malicious code, or compromise data integrity. Attackers actively seek out these weaknesses within applications; if they are aware that certain vulnerabilities exist and have not been mitigated, they will attempt to exploit them.

In the context of application security, maintaining awareness and addressing identified vulnerabilities is crucial. Each unaddressed vulnerability can be viewed as a potential entry point for cyber threats. Effective vulnerability management, including regular updates and patches, plays a significant role in defending against attacks and maintaining the confidentiality, integrity, and availability of systems.

The other options do not accurately reflect the consequences of not addressing known vulnerabilities. Enhanced user trust usually stems from a history of proactive security measures, while a reduction in system performance is not a direct outcome of unaddressed vulnerabilities. Security compliance, on the other hand, often requires organizations to actively address known vulnerabilities to meet regulatory standards, not a guarantee when they are ignored.