CWE
CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.1)  

CWE-355: User Interface Security Issues

 
User Interface Security Issues
Category ID: 355 (Category)Status: Draft
+ Description

Description Summary

Weaknesses in this category are related to or introduced in the User Interface (UI).
+ Applicable Platforms

Languages

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory254Security Features
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base356Product UI does not Warn User of Unsafe Actions
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base357Insufficient UI Warning of Dangerous Operations
Development Concepts (primary)699
ParentOfWeakness VariantWeakness Variant549Missing Password Field Masking
Development Concepts699
+ Research Gaps

User interface errors that are relevant to security have not been studied at a high level.

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVER(UI) User Interface Errors
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
Back to top
Page Last Updated: September 12, 2011
 

CWE is a Software Assurance strategic initiative co-sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2006-2012, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us