CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.6)  

Presentation Filter:

CWE-629: Weaknesses in OWASP Top Ten (2007)

 
Weaknesses in OWASP Top Ten (2007)
View ID: 629 (View: Graph)Status: Draft
+ View Data

View Objective

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2007.

+ View Metrics
CWEs in this viewTotal CWEs
Total38out of943
Views0out of31
Categories10out of187
Weaknesses27out of717
Compound_Elements1out of8
+ View Audience
StakeholderDescription
Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2007 version), providing a good starting point for web application developers who want to code more securely.

Software_Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2007 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberCategoryCategory712OWASP Top Ten 2007 Category A1 - Cross Site Scripting (XSS)
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory713OWASP Top Ten 2007 Category A2 - Injection Flaws
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory714OWASP Top Ten 2007 Category A3 - Malicious File Execution
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory715OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory716OWASP Top Ten 2007 Category A5 - Cross Site Request Forgery (CSRF)
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory717OWASP Top Ten 2007 Category A6 - Information Leakage and Improper Error Handling
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory718OWASP Top Ten 2007 Category A7 - Broken Authentication and Session Management
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory719OWASP Top Ten 2007 Category A8 - Insecure Cryptographic Storage
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory720OWASP Top Ten 2007 Category A9 - Insecure Communications
Weaknesses in OWASP Top Ten (2007) (primary)629
HasMemberCategoryCategory721OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
Weaknesses in OWASP Top Ten (2007) (primary)629
MemberOfViewView699Development Concepts
Development Concepts (primary)699
+ Relationship Notes

The relationships in this view are a direct extraction of the CWE mappings that are in the 2007 OWASP document. CWE has changed since the release of that document.

+ References
"Top 10 2007". OWASP. 2007-05-18. <http://www.owasp.org/index.php/Top_10_2007>.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Description, Name, Relationships, References, Relationship_Notes, View_Audience, View_Structure
Previous Entry Names
Change DatePrevious Entry Name
2008-09-09Weaknesses in OWASP Top Ten
Page Last Updated: February 18, 2014