CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.0)  
ID

CWE CATEGORY: Pathname Traversal and Equivalence Errors

Category ID: 21
Status: Incomplete
+ Summary
Weaknesses in this category can be used to access files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Files, directories, and folders are so central to information technology that many different weaknesses and variants have been discovered. The manipulations generally involve special characters or sequences in pathnames, or the use of alternate references or channels.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVER
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITRE
updated Relationships, Taxonomy_Mappings, Type
2008-10-14CWE Content TeamMITRE
updated Description
2012-05-11CWE Content TeamMITRE
updated Related_Attack_Patterns
2013-02-21CWE Content TeamMITRE
updated Potential_Mitigations
2014-02-18CWE Content TeamMITRE
updated Potential_Mitigations
2015-12-07CWE Content TeamMITRE
updated Relationships
2017-11-08CWE Content TeamMITRE
updated Applicable_Platforms, Description, Potential_Mitigations, Related_Attack_Patterns, Relationships

More information is available — Please select a different filter.
Page Last Updated: November 14, 2017