Status: Draft Weakness ID: 345 (Weakness Class)Summary The software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
The specific ways in which the origin is not properly identified should be laid out as separate weaknesses. In some sense, this is more like a category. Submissions PLOVER. (Externally Mined) Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Maintenance_Notes, Relationships,
Relationship_Notes, Taxonomy_Mappings CWE Content Team. MITRE. 2009-05-27. (Internal) updated Related_Attack_Patterns Previous Entry Names Insufficient Verification of
Data (changed
2008-04-11) |
|
Page Last Updated:
May 26, 2009
|
|
CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Contact cwe@mitre.org for more information. |
|||
