CWE VIEW: Weaknesses in OWASP Top Ten (2004)
CWE entries in this view (graph) are associated with the OWASP Top Ten, as released in 2004, and as required for compliance with PCI DSS version 1.1. This view is considered obsolete as a newer version of the OWASP Top Ten is available.
The following graph shows the tree-like relationships between
weaknesses that exist at different levels of abstraction. At the highest level, categories
and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are
special CWE entries used to group weaknesses that share a common characteristic. Pillars are
weaknesses that are described in the most abstract fashion. Below these top-level entries
are weaknesses are varying levels of abstraction. Classes are still very abstract, typically
independent of any specific language or technology. Base level weaknesses are used to
present a more specific type of weakness. A variant is a weakness that is described at a
very low level of detail, typically limited to a specific language or technology. A chain is
a set of weaknesses that must be reachable consecutively in order to produce an exploitable
vulnerability. While a composite is a set of weaknesses that must all be present
simultaneously in order to produce an exploitable vulnerability.
Show Details:
711 - Weaknesses in OWASP Top Ten (2004)
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A1 - Unvalidated Input
- (722)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input)
Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2004.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Struts: Duplicate Validation Forms
- (102)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
102
(Struts: Duplicate Validation Forms)
The product uses multiple validation forms with the same name, which might cause the Struts Validator to validate a form that the programmer does not expect.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Struts: Incomplete validate() Method Definition
- (103)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
103
(Struts: Incomplete validate() Method Definition)
The product has a validator form that either does not define a validate() method, or defines a validate() method but does not call super.validate().
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Struts: Form Bean Does Not Extend Validation Class
- (104)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
104
(Struts: Form Bean Does Not Extend Validation Class)
If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Struts: Plug-in Framework not in Use
- (106)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
106
(Struts: Plug-in Framework not in Use)
When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Struts: Validator Turned Off
- (109)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
109
(Struts: Validator Turned Off)
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- (120)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
120
(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Classic Buffer Overflow
Unbounded Transfer
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Handling of Missing Special Element
- (166)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
166
(Improper Handling of Missing Special Element)
The product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Handling of Additional Special Element
- (167)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
167
(Improper Handling of Additional Special Element)
The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Behavior Order: Early Validation
- (179)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
179
(Incorrect Behavior Order: Early Validation)
The product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Behavior Order: Validate Before Canonicalize
- (180)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
180
(Incorrect Behavior Order: Validate Before Canonicalize)
The product validates input before it is canonicalized, which prevents the product from detecting data that becomes invalid after the canonicalization step.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Behavior Order: Validate Before Filter
- (181)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
181
(Incorrect Behavior Order: Validate Before Filter)
The product validates data before it has been filtered, which prevents the product from detecting data that becomes invalid after the filtering step.
Validate-before-cleanse
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Collapse of Data into Unsafe Value
- (182)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
182
(Collapse of Data into Unsafe Value)
The product filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security property.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Permissive List of Allowed Inputs
- (183)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
183
(Permissive List of Allowed Inputs)
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
Allowlist / Allow List
Safelist / Safe List
Whitelist / White List
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Input Validation
- (20)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
20
(Improper Input Validation)
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Direct Request ('Forced Browsing')
- (425)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
425
(Direct Request ('Forced Browsing'))
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
forced browsing
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
External Control of Assumed-Immutable Web Parameter
- (472)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
472
(External Control of Assumed-Immutable Web Parameter)
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
Assumed-Immutable Parameter Tampering
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
URL Redirection to Untrusted Site ('Open Redirect')
- (601)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
601
(URL Redirection to Untrusted Site ('Open Redirect'))
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Open Redirect
Cross-site Redirect
Cross-domain Redirect
Unvalidated Redirect
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Client-Side Enforcement of Server-Side Security
- (602)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
602
(Client-Side Enforcement of Server-Side Security)
The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Neutralization of Special Elements used in a Command ('Command Injection')
- (77)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
77
(Improper Neutralization of Special Elements used in a Command ('Command Injection'))
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Command injection
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- (79)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
79
(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
XSS
HTML Injection
CSS
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- (89)
711
(Weaknesses in OWASP Top Ten (2004)) >
722
(OWASP Top Ten 2004 Category A1 - Unvalidated Input) >
89
(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
SQL injection
SQLi
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A2 - Broken Access Control
- (723)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control)
Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2004.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- (22)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
22
(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Directory traversal
Path traversal
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Privilege Assignment
- (266)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
266
(Incorrect Privilege Assignment)
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Privilege Chaining
- (268)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
268
(Privilege Chaining)
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
Permission Issues
- (275)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
275
(Permission Issues)
Weaknesses in this category are related to improper assignment or handling of permissions.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unverified Ownership
- (283)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
283
(Unverified Ownership)
The product does not properly verify that a critical resource is owned by the proper entity.
Pillar - a weakness that is the most abstract type of weakness and represents a theme for all class/base/variant weaknesses related to it. A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.
Improper Access Control
- (284)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
284
(Improper Access Control)
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Authorization
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Authorization
- (285)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
285
(Improper Authorization)
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
AuthZ
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Use of Insufficiently Random Values
- (330)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
330
(Use of Insufficiently Random Values)
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Resolution of Path Equivalence
- (41)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
41
(Improper Resolution of Path Equivalence)
The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Direct Request ('Forced Browsing')
- (425)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
425
(Direct Request ('Forced Browsing'))
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
forced browsing
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of Web Browser Cache Containing Sensitive Information
- (525)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
525
(Use of Web Browser Cache Containing Sensitive Information)
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
- (551)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
551
(Incorrect Behavior Order: Authorization Before Parsing and Canonicalization)
If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Use of Identity Impersonation
- (556)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
556
(ASP.NET Misconfiguration: Use of Identity Impersonation)
Configuring an ASP.NET application to run with impersonated credentials may give the application unnecessary privileges.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Authorization Bypass Through User-Controlled Key
- (639)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
639
(Authorization Bypass Through User-Controlled Key)
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Insecure Direct Object Reference / IDOR
Broken Object Level Authorization / BOLA
Horizontal Authorization
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Incorrect Ownership Assignment
- (708)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
708
(Incorrect Ownership Assignment)
The product assigns an owner to a resource, but the owner is outside of the intended control sphere.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
External Control of File Name or Path
- (73)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
73
(External Control of File Name or Path)
The product allows user input to control or influence paths or file names that are used in filesystem operations.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Weak Access Permissions for EJB Methods
- (9)
711
(Weaknesses in OWASP Top Ten (2004)) >
723
(OWASP Top Ten 2004 Category A2 - Broken Access Control) >
9
(J2EE Misconfiguration: Weak Access Permissions for EJB Methods)
If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the product.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management
- (724)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management)
Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2004.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
Credentials Management Errors
- (255)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
255
(Credentials Management Errors)
Weaknesses in this category are related to the management of credentials.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of Hard-coded Password
- (259)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
259
(Use of Hard-coded Password)
The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Authentication
- (287)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
287
(Improper Authentication)
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
authentification
AuthN
AuthC
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Following of a Certificate's Chain of Trust
- (296)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
296
(Improper Following of a Certificate's Chain of Trust)
The product does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate, resulting in incorrect trust of any resource that is associated with that certificate.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Improper Validation of Certificate Expiration
- (298)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
298
(Improper Validation of Certificate Expiration)
A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Authentication Bypass by Assumed-Immutable Data
- (302)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
302
(Authentication Bypass by Assumed-Immutable Data)
The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Missing Critical Step in Authentication
- (304)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
304
(Missing Critical Step in Authentication)
The product implements an authentication technique, but it skips a step that weakens the technique.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Restriction of Excessive Authentication Attempts
- (307)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
307
(Improper Restriction of Excessive Authentication Attempts)
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Use of Password System for Primary Authentication
- (309)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
309
(Use of Password System for Primary Authentication)
The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Insufficient Verification of Data Authenticity
- (345)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
345
(Insufficient Verification of Data Authenticity)
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Composite - a Compound Element that consists of two or more distinct weaknesses, in which all weaknesses must be present at the same time in order for a potential vulnerability to arise. Removing any of the weaknesses eliminates or sharply reduces the risk. One weakness, X, can be "broken down" into component weaknesses Y and Z. There can be cases in which one weakness might not be essential to a composite, but changes the nature of the composite when it becomes a vulnerability.
Session Fixation
- (384)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
384
(Session Fixation)
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Weak Password Requirements
- (521)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
521
(Weak Password Requirements)
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Insufficiently Protected Credentials
- (522)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
522
(Insufficiently Protected Credentials)
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of Web Browser Cache Containing Sensitive Information
- (525)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
525
(Use of Web Browser Cache Containing Sensitive Information)
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Insufficient Session Expiration
- (613)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
613
(Insufficient Session Expiration)
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unverified Password Change
- (620)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
620
(Unverified Password Change)
When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Weak Password Recovery Mechanism for Forgotten Password
- (640)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
640
(Weak Password Recovery Mechanism for Forgotten Password)
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Use of Hard-coded Credentials
- (798)
711
(Weaknesses in OWASP Top Ten (2004)) >
724
(OWASP Top Ten 2004 Category A3 - Broken Authentication and Session Management) >
798
(Use of Hard-coded Credentials)
The product contains hard-coded credentials, such as a password or cryptographic key.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A4 - Cross-Site Scripting (XSS) Flaws
- (725)
711
(Weaknesses in OWASP Top Ten (2004)) >
725
(OWASP Top Ten 2004 Category A4 - Cross-Site Scripting (XSS) Flaws)
Weaknesses in this category are related to the A4 category in the OWASP Top Ten 2004.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of HTTP Headers for Scripting Syntax
- (644)
711
(Weaknesses in OWASP Top Ten (2004)) >
725
(OWASP Top Ten 2004 Category A4 - Cross-Site Scripting (XSS) Flaws) >
644
(Improper Neutralization of HTTP Headers for Scripting Syntax)
The product does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- (79)
711
(Weaknesses in OWASP Top Ten (2004)) >
725
(OWASP Top Ten 2004 Category A4 - Cross-Site Scripting (XSS) Flaws) >
79
(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
XSS
HTML Injection
CSS
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A5 - Buffer Overflows
- (726)
711
(Weaknesses in OWASP Top Ten (2004)) >
726
(OWASP Top Ten 2004 Category A5 - Buffer Overflows)
Weaknesses in this category are related to the A5 category in the OWASP Top Ten 2004.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Restriction of Operations within the Bounds of a Memory Buffer
- (119)
711
(Weaknesses in OWASP Top Ten (2004)) >
726
(OWASP Top Ten 2004 Category A5 - Buffer Overflows) >
119
(Improper Restriction of Operations within the Bounds of a Memory Buffer)
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Buffer Overflow
buffer overrun
memory safety
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- (120)
711
(Weaknesses in OWASP Top Ten (2004)) >
726
(OWASP Top Ten 2004 Category A5 - Buffer Overflows) >
120
(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Classic Buffer Overflow
Unbounded Transfer
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Use of Externally-Controlled Format String
- (134)
711
(Weaknesses in OWASP Top Ten (2004)) >
726
(OWASP Top Ten 2004 Category A5 - Buffer Overflows) >
134
(Use of Externally-Controlled Format String)
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A6 - Injection Flaws
- (727)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws)
Weaknesses in this category are related to the A6 category in the OWASP Top Ten 2004.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Output Neutralization for Logs
- (117)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
117
(Improper Output Neutralization for Logs)
The product does not neutralize or incorrectly neutralizes output that is written to logs.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
- (74)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
74
(Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'))
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Neutralization of Special Elements used in a Command ('Command Injection')
- (77)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
77
(Improper Neutralization of Special Elements used in a Command ('Command Injection'))
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
Command injection
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
- (78)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
78
(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Shell injection
Shell metacharacters
OS Command Injection
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- (89)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
89
(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
SQL injection
SQLi
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
XML Injection (aka Blind XPath Injection)
- (91)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
91
(XML Injection (aka Blind XPath Injection))
The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
- (95)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
95
(Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'))
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
- (98)
711
(Weaknesses in OWASP Top Ten (2004)) >
727
(OWASP Top Ten 2004 Category A6 - Injection Flaws) >
98
(Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion'))
The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
Remote file include
RFI
Local file inclusion
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A7 - Improper Error Handling
- (728)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling)
Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2004.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Observable Discrepancy
- (203)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
203
(Observable Discrepancy)
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Side Channel Attack
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Generation of Error Message Containing Sensitive Information
- (209)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
209
(Generation of Error Message Containing Sensitive Information)
The product generates an error message that includes sensitive information about its environment, users, or associated data.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Handling of Syntactically Invalid Structure
- (228)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
228
(Improper Handling of Syntactically Invalid Structure)
The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unchecked Return Value
- (252)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
252
(Unchecked Return Value)
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
Error Conditions, Return Values, Status Codes
- (389)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
389
(Error Conditions, Return Values, Status Codes)
This category includes weaknesses that occur if a function does not generate the correct return/status code, or if the application does not handle all possible return/status codes that could be generated by a function. This type of problem is most often found in conditions that are rarely encountered during the normal operation of the product. Presumably, most bugs related to common conditions are found and eliminated during development and testing. In some cases, the attacker can directly control or influence the environment to trigger the rare conditions.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Detection of Error Condition Without Action
- (390)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
390
(Detection of Error Condition Without Action)
The product detects a specific error, but takes no actions to handle the error.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unchecked Error Condition
- (391)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
391
(Unchecked Error Condition)
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unexpected Status Code or Return Value
- (394)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
394
(Unexpected Status Code or Return Value)
The product does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the product.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Not Failing Securely ('Failing Open')
- (636)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
636
(Not Failing Securely ('Failing Open'))
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.
Failing Open
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Missing Custom Error Page
- (7)
711
(Weaknesses in OWASP Top Ten (2004)) >
728
(OWASP Top Ten 2004 Category A7 - Improper Error Handling) >
7
(J2EE Misconfiguration: Missing Custom Error Page)
The default error page of a web application should not display sensitive information about the product.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A8 - Insecure Storage
- (729)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage)
Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2004.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Compiler Removal of Code to Clear Buffers
- (14)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
14
(Compiler Removal of Code to Clear Buffers)
Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka "dead store removal."
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Sensitive Information in Resource Not Removed Before Reuse
- (226)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
226
(Sensitive Information in Resource Not Removed Before Reuse)
The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or "zeroize" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Weak Encoding for Password
- (261)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
261
(Weak Encoding for Password)
Obscuring a password with a trivial encoding does not protect the password.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Missing Encryption of Sensitive Data
- (311)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
311
(Missing Encryption of Sensitive Data)
The product does not encrypt sensitive or critical information before storage or transmission.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of Hard-coded Cryptographic Key
- (321)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
321
(Use of Hard-coded Cryptographic Key)
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Inadequate Encryption Strength
- (326)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
326
(Inadequate Encryption Strength)
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Use of a Broken or Risky Cryptographic Algorithm
- (327)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
327
(Use of a Broken or Risky Cryptographic Algorithm)
The product uses a broken or risky cryptographic algorithm or protocol.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of Persistent Cookies Containing Sensitive Information
- (539)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
539
(Use of Persistent Cookies Containing Sensitive Information)
The web application uses persistent cookies, but the cookies contain sensitive information.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Sensitive Data Storage in Improperly Locked Memory
- (591)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
591
(Sensitive Data Storage in Improperly Locked Memory)
The product stores sensitive data in memory that is not locked, or that has been incorrectly locked, which might cause the memory to be written to swap files on disk by the virtual memory manager. This can make the data more accessible to external actors.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Use of GET Request Method With Sensitive Query Strings
- (598)
711
(Weaknesses in OWASP Top Ten (2004)) >
729
(OWASP Top Ten 2004 Category A8 - Insecure Storage) >
598
(Use of GET Request Method With Sensitive Query Strings)
The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that request.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A9 - Denial of Service
- (730)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service)
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2004.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Null Termination
- (170)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
170
(Improper Null Termination)
The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Uncaught Exception
- (248)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
248
(Uncaught Exception)
An exception is thrown from a function, but it is not caught.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Divide By Zero
- (369)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
369
(Divide By Zero)
The product divides a value by zero.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Bad Practices: Use of System.exit()
- (382)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
382
(J2EE Bad Practices: Use of System.exit())
A J2EE application uses System.exit(), which also shuts down its container.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Uncontrolled Resource Consumption
- (400)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
400
(Uncontrolled Resource Consumption)
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Resource Exhaustion
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Missing Release of Memory after Effective Lifetime
- (401)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
401
(Missing Release of Memory after Effective Lifetime)
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Memory Leak
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Improper Resource Shutdown or Release
- (404)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
404
(Improper Resource Shutdown or Release)
The product does not release or incorrectly releases a resource before it is made available for re-use.
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Asymmetric Resource Consumption (Amplification)
- (405)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
405
(Asymmetric Resource Consumption (Amplification))
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Insufficient Resource Pool
- (410)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
410
(Insufficient Resource Pool)
The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Unrestricted Externally Accessible Lock
- (412)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
412
(Unrestricted Externally Accessible Lock)
The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
NULL Pointer Dereference
- (476)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
476
(NULL Pointer Dereference)
The product dereferences a pointer that it expects to be valid but is NULL.
NPD
null deref
NPE
nil pointer dereference
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.
Uncontrolled Recursion
- (674)
711
(Weaknesses in OWASP Top Ten (2004)) >
730
(OWASP Top Ten 2004 Category A9 - Denial of Service) >
674
(Uncontrolled Recursion)
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Stack Exhaustion
Category - a CWE entry that contains a set of other entries that share a common characteristic.
OWASP Top Ten 2004 Category A10 - Insecure Configuration Management
- (731)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management)
Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2004.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Generation of Error Message Containing Sensitive Information
- (209)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
209
(Generation of Error Message Containing Sensitive Information)
The product generates an error message that includes sensitive information about its environment, users, or associated data.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Insertion of Sensitive Information Into Debugging Code
- (215)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
215
(Insertion of Sensitive Information Into Debugging Code)
The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Storage of File with Sensitive Data Under Web Root
- (219)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
219
(Storage of File with Sensitive Data Under Web Root)
The product stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties.
Category - a CWE entry that contains a set of other entries that share a common characteristic.
Permission Issues
- (275)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
275
(Permission Issues)
Weaknesses in this category are related to improper assignment or handling of permissions.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Improper Certificate Validation
- (295)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
295
(Improper Certificate Validation)
The product does not validate, or incorrectly validates, a certificate.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Data Transmission Without Encryption
- (5)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
5
(J2EE Misconfiguration: Data Transmission Without Encryption)
Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Plaintext Password in Configuration File
- (555)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
555
(J2EE Misconfiguration: Plaintext Password in Configuration File)
The J2EE application stores a plaintext password in a configuration file.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Insufficient Session-ID Length
- (6)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
6
(J2EE Misconfiguration: Insufficient Session-ID Length)
The J2EE application is configured to use an insufficient session ID length.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Missing Custom Error Page
- (7)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
7
(J2EE Misconfiguration: Missing Custom Error Page)
The default error page of a web application should not display sensitive information about the product.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Entity Bean Declared Remote
- (8)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
8
(J2EE Misconfiguration: Entity Bean Declared Remote)
When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to read sensitive information, or to change data in ways that violate the application's expectations, potentially leading to other vulnerabilities.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
J2EE Misconfiguration: Weak Access Permissions for EJB Methods
- (9)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
9
(J2EE Misconfiguration: Weak Access Permissions for EJB Methods)
If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the product.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Incomplete Cleanup
- (459)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
459
(Incomplete Cleanup)
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.
Insufficient Cleanup
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Active Debug Code
- (489)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
489
(Active Debug Code)
The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.
Leftover debug code
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Creating Debug Binary
- (11)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
11
(ASP.NET Misconfiguration: Creating Debug Binary)
Debugging messages help attackers learn about the system and plan a form of attack.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Missing Custom Error Page
- (12)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
12
(ASP.NET Misconfiguration: Missing Custom Error Page)
An ASP .NET application must enable custom error pages in order to prevent attackers from mining information from the framework's built-in responses.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Password in Configuration File
- (13)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
13
(ASP.NET Misconfiguration: Password in Configuration File)
Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
.NET Misconfiguration: Use of Impersonation
- (520)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
520
(.NET Misconfiguration: Use of Impersonation)
Allowing a .NET application to run at potentially escalated levels of access to the underlying operating and file systems can be dangerous and result in various forms of attacks.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Not Using Input Validation Framework
- (554)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
554
(ASP.NET Misconfiguration: Not Using Input Validation Framework)
The ASP.NET application does not use an input validation framework.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
ASP.NET Misconfiguration: Use of Identity Impersonation
- (556)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
556
(ASP.NET Misconfiguration: Use of Identity Impersonation)
Configuring an ASP.NET application to run with impersonated credentials may give the application unnecessary privileges.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Cleartext Storage of Sensitive Information in an Environment Variable
- (526)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
526
(Cleartext Storage of Sensitive Information in an Environment Variable)
The product uses an environment variable to store unencrypted sensitive information.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Exposure of Version-Control Repository to an Unauthorized Control Sphere
- (527)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
527
(Exposure of Version-Control Repository to an Unauthorized Control Sphere)
The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Exposure of Core Dump File to an Unauthorized Control Sphere
- (528)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
528
(Exposure of Core Dump File to an Unauthorized Control Sphere)
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Exposure of Access Control List Files to an Unauthorized Control Sphere
- (529)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
529
(Exposure of Access Control List Files to an Unauthorized Control Sphere)
The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Exposure of Backup File to an Unauthorized Control Sphere
- (530)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
530
(Exposure of Backup File to an Unauthorized Control Sphere)
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Inclusion of Sensitive Information in Test Code
- (531)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
531
(Inclusion of Sensitive Information in Test Code)
Accessible test applications can pose a variety of security risks. Since developers or administrators rarely consider that someone besides themselves would even know about the existence of these applications, it is common for them to contain sensitive information or functions.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Insertion of Sensitive Information into Log File
- (532)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
532
(Insertion of Sensitive Information into Log File)
The product writes sensitive information to a log file.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Inclusion of Sensitive Information in Source Code
- (540)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
540
(Inclusion of Sensitive Information in Source Code)
Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Inclusion of Sensitive Information in an Include File
- (541)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
541
(Inclusion of Sensitive Information in an Include File)
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
Exposure of Information Through Directory Listing
- (548)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
548
(Exposure of Information Through Directory Listing)
A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
Base - a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.
Files or Directories Accessible to External Parties
- (552)
711
(Weaknesses in OWASP Top Ten (2004)) >
731
(OWASP Top Ten 2004 Category A10 - Insecure Configuration Management) >
552
(Files or Directories Accessible to External Parties)
The product makes files or directories accessible to unauthorized actors, even though they should not be.
Relationship
CWE relationships for this view were obtained by examining the OWASP document and mapping to any items that were specifically mentioned within the text of a category. As a result, this mapping is not complete with respect to all of CWE. In addition, some concepts were mentioned in multiple Top Ten items, which caused them to be mapped to multiple CWE categories. For example, SQL injection is mentioned in both A1 (CWE-722) and A6 (CWE-727) categories.
Relationship
As of 2008, some parts of CWE were not fully clarified out in terms of weaknesses. When these areas were mentioned in the OWASP Top Ten, category entries were mapped, although general mapping practice would usually favor mapping only to weaknesses.
More information is available — Please edit the custom filter or select a different filter. |
Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2024, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation. |