CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: 2009 Top 25 - Porous Defenses

Category ID: 753
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are listed in the "Porous Defenses" section of the 2009 CWE/SANS Top 25 Programming Errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class250Execution with Unnecessary Privileges
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base259Use of Hard-coded Password
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class285Improper Authorization
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base327Use of a Broken or Risky Cryptographic Algorithm
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class330Use of Insufficiently Random Values
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base602Client-Side Enforcement of Server-Side Security
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base798Use of Hard-coded Credentials
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
MemberOfViewView750Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
+ References
"2009 CWE/SANS Top 25 Programming Errors". 2009-01-12. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2009-01-12Internal CWE Team
Modifications
Modification DateModifierOrganizationSource
2010-02-16CWE Content TeamMITREInternal
updated Name, Relationships
Previous Entry Names
Change DatePrevious Entry Name
2010-02-16Porous Defenses

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017