CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: Environment

Category ID: 2
Status: Draft
+ Description

Description Summary

Weaknesses in this category are typically introduced during unexpected environmental conditions.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory933OWASP Top Ten 2013 Category A5 - Security Misconfiguration
Weaknesses in OWASP Top Ten (2013) (primary)928
ParentOfWeakness VariantWeakness Variant5J2EE Misconfiguration: Data Transmission Without Encryption
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant6J2EE Misconfiguration: Insufficient Session-ID Length
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant7J2EE Misconfiguration: Missing Custom Error Page
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant8J2EE Misconfiguration: Entity Bean Declared Remote
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant9J2EE Misconfiguration: Weak Access Permissions for EJB Methods
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant11ASP.NET Misconfiguration: Creating Debug Binary
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant12ASP.NET Misconfiguration: Missing Custom Error Page
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness VariantWeakness Variant13ASP.NET Misconfiguration: Password in Configuration File
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness BaseWeakness Base14Compiler Removal of Code to Clear Buffers
Seven Pernicious Kingdoms (primary)700
ParentOfWeakness ClassWeakness Class435Interaction Error
Weaknesses for Simplified Mapping of Published Vulnerabilities (primary)1003
MemberOfViewView700Seven Pernicious Kingdoms
Seven Pernicious Kingdoms (primary)700
MemberOfViewView1003Weaknesses for Simplified Mapping of Published Vulnerabilities
Weaknesses for Simplified Mapping of Published Vulnerabilities (primary)1003
+ Maintenance Notes

This entry is being considered for deprecation. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. It cannot be deprecated until after the CWE team has reviewed whether other CWE elements are appropriately capturing the "location" in which the weaknesses are introduced.

+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2013-07-17CWE Content TeamMITREInternal
updated Relationships
2015-12-07CWE Content TeamMITREInternal
updated Relationships
2017-01-19CWE Content TeamMITREInternal
updated Maintenance_Notes, Relationships

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017