CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.0)  
ID

CWE-668: Exposure of Resource to Wrong Sphere

Weakness ID: 668
Abstraction: Class
Structure: Simple
Status: Draft
Presentation Filter:
+ Description
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
+ Extended Description

Resources such as files and directories may be inadvertently exposed through mechanisms such as insecure permissions, or when a program accidentally operates on the wrong object. For example, a program may intend that private files can only be provided to a specific user. This effectively defines a control sphere that is intended to prevent attackers from accessing these private files. If the file permissions are insecure, then parties other than the user will be able to access those files.

A separate control sphere might effectively require that the user can only access the private files, but not any other files on the system. If the program does not ensure that the user is only requesting private files, then the user might be able to access other files on the system.

In either case, the end result is that a resource has been exposed to the wrong party.

+ Relationships

The table(s) below shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

+ Relevant to the view "Research Concepts" (CWE-1000)
NatureTypeIDName
ChildOfClassClass664Improper Control of a Resource Through its Lifetime
ParentOfVariantVariant8J2EE Misconfiguration: Entity Bean Declared Remote
ParentOfClassClass22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ParentOfClassClass200Information Exposure
ParentOfVariantVariant220Sensitive Data Under FTP Root
ParentOfBaseBase374Passing Mutable Objects to an Untrusted Method
ParentOfBaseBase375Returning a Mutable Object to an Untrusted Caller
ParentOfBaseBase377Insecure Temporary File
ParentOfClassClass402Transmission of Private Resources into a New Sphere ('Resource Leak')
ParentOfBaseBase427Uncontrolled Search Path Element
ParentOfBaseBase428Unquoted Search Path or Element
ParentOfVariantVariant491Public cloneable() Method Without Final ('Object Hijack')
ParentOfVariantVariant492Use of Inner Class Containing Sensitive Data
ParentOfVariantVariant493Critical Public Variable Without Final Modifier
ParentOfClassClass514Covert Channel
ParentOfBaseBase522Insufficiently Protected Credentials
ParentOfBaseBase552Files or Directories Accessible to External Parties
ParentOfVariantVariant582Array Declared Public, Final, and Static
ParentOfVariantVariant583finalize() Method Declared Public
ParentOfVariantVariant608Struts: Non-private Field in ActionForm Class
ParentOfClassClass642External Control of Critical State Data
ParentOfClassClass732Incorrect Permission Assignment for Critical Resource
ParentOfVariantVariant766Critical Variable Declared Public
ParentOfVariantVariant767Access to Critical Private Variable via Public Method
ParentOfVariantVariant927Use of Implicit Intent for Sensitive Communication
ParentOfVariantVariant942Overly Permissive Cross-domain Whitelist
CanFollowVariantVariant219Sensitive Data Under Web Root
CanFollowClassClass441Unintended Proxy or Intermediary ('Confused Deputy')
+ Relevant to the view "Weaknesses for Simplified Mapping of Published Vulnerabilities" (CWE-1003)
+ Relevant to the view "Architectural Concepts" (CWE-1008)
NatureTypeIDName
MemberOfCategoryCategory1011Authorize Actors
+ Relevant to the view "Development Concepts" (CWE-699)
NatureTypeIDName
MemberOfCategoryCategory3617PK - Time and State
ParentOfBaseBase552Files or Directories Accessible to External Parties
+ Modes Of Introduction

The different Modes of Introduction provide information about how and when this weakness may be introduced. The Phase identifies a point in the software life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.

PhaseNote
Architecture and Design
ImplementationREALIZATION: This weakness is caused during implementation of an architectural security tactic.
Operation
+ Common Consequences

The table below specifies different individual consequences associated with the weakness. The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a weakness will be exploited to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.

ScopeImpactLikelihood
Confidentiality
Integrity
Other

Technical Impact: Read Application Data; Modify Application Data; Other

+ Memberships
This MemberOf Relationships table shows additional CWE Categories and Views that reference this weakness as a member. This information is often useful in understanding where a weakness fits within the context of external information sources.
NatureTypeIDName
MemberOfCategoryCategory3617PK - Time and State
MemberOfCategoryCategory963SFP Secondary Cluster: Exposed Data
+ Notes

Theoretical

A "control sphere" is a set of resources and behaviors that are accessible to a single actor, or a group of actors. A product's security model will typically define multiple spheres, possibly implicitly. For example, a server might define one sphere for "administrators" who can create new user accounts with subdirectories under /home/server/, and a second sphere might cover the set of users who can create or delete files within their own subdirectories. A third sphere might be "users who are authenticated to the operating system on which the product is installed." Each sphere has different sets of actors and allowable behaviors.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigital
updated Time_of_Introduction
2008-09-08CWE Content TeamMITRE
updated Relationships, Other_Notes
2008-11-24CWE Content TeamMITRE
updated Relationships
2009-05-27CWE Content TeamMITRE
updated Relationships
2009-07-22CWE Content TeamMITRE
Clarified description to include permissions.
2009-07-27CWE Content TeamMITRE
updated Description, Relationships
2009-10-29CWE Content TeamMITRE
updated Other_Notes, Theoretical_Notes
2009-12-28CWE Content TeamMITRE
updated Relationships
2010-09-27CWE Content TeamMITRE
updated Relationships
2011-03-29CWE Content TeamMITRE
updated Relationships
2011-06-01CWE Content TeamMITRE
updated Common_Consequences
2012-05-11CWE Content TeamMITRE
updated Relationships
2013-02-21CWE Content TeamMITRE
updated Relationships
2013-07-17CWE Content TeamMITRE
updated Relationships
2014-06-23CWE Content TeamMITRE
updated Relationships
2014-07-30CWE Content TeamMITRE
updated Relationships
2015-12-07CWE Content TeamMITRE
updated Relationships
2017-01-19CWE Content TeamMITRE
updated Relationships
2017-11-08CWE Content TeamMITRE
updated Modes_of_Introduction, Relationships, Relevant_Properties

More information is available — Please select a different filter.
Page Last Updated: November 14, 2017