CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.8)  

Presentation Filter:

CWE-723: OWASP Top Ten 2004 Category A2 - Broken Access Control

 
OWASP Top Ten 2004 Category A2 - Broken Access Control
Category ID: 723 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2004.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness VariantWeakness Variant9J2EE Misconfiguration: Weak Access Permissions for EJB Methods
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base41Improper Resolution of Path Equivalence
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class73External Control of File Name or Path
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base266Incorrect Privilege Assignment
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base268Privilege Chaining
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory275Permission Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base283Unverified Ownership
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class284Improper Access Control
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class285Improper Authorization
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class330Use of Insufficiently Random Values
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base425Direct Request ('Forced Browsing')
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant525Information Exposure Through Browser Caching
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base551Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant556ASP.NET Misconfiguration: Use of Identity Impersonation
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base639Authorization Bypass Through User-Controlled Key
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base708Incorrect Ownership Assignment
Weaknesses in OWASP Top Ten (2004) (primary)711
MemberOfViewView711Weaknesses in OWASP Top Ten (2004)
Weaknesses in OWASP Top Ten (2004) (primary)711
+ References
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-08-15VeracodeExternal Submission
Suggested creation of view and provided mappings
Modifications
Modification DateModifierOrganizationSource
2009-03-10CWE Content TeamMITREInternal
updated Relationships
Page Last Updated: July 30, 2014