CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE VIEW: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View ID: 800
Structure: Graph
Status: Incomplete
Presentation Filter:
+ View Data

View Objective

CWE entries in this view (graph) are listed in the 2010 CWE/SANS Top 25 Programming Errors.

+ View Audience
StakeholderDescription
Developers

By following the Top 25, developers will be able to significantly reduce the number of weaknesses that occur in their software.

Software_Customers

If a software developer claims to be following the Top 25, then customers can use the weaknesses in this view in order to formulate independent evidence of that claim.

Educators

Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could focus on the Top 25.

+ Relationships
Show Details:
800 - Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
+CategoryCategory2010 Top 25 - Insecure Interaction Between Components - (801)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components)
Weaknesses in this category are listed in the "Insecure Interaction Between Components" section of the 2010 CWE/SANS Top 25 Programming Errors.
*Weakness ClassWeakness ClassConcurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') - (362)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
+Compound Element: CompositeCompound Element: CompositeCross-Site Request Forgery (CSRF) - (352)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 352 (Cross-Site Request Forgery (CSRF))
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.Session RidingCross Site Reference ForgeryXSRF
*Weakness ClassWeakness ClassExternal Control of Critical State Data - (642)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 352 (Cross-Site Request Forgery (CSRF)) > 642 (External Control of Critical State Data)
The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.
*Weakness BaseWeakness BaseInsufficient Session Expiration - (613)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 352 (Cross-Site Request Forgery (CSRF)) > 613 (Insufficient Session Expiration)
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
*Weakness BaseWeakness BaseOrigin Validation Error - (346)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 352 (Cross-Site Request Forgery (CSRF)) > 346 (Origin Validation Error)
The software does not properly verify that the source of data or communication is valid.
*Weakness ClassWeakness ClassUnintended Proxy or Intermediary ('Confused Deputy') - (441)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 352 (Cross-Site Request Forgery (CSRF)) > 441 (Unintended Proxy or Intermediary ('Confused Deputy'))
The software receives a request, message, or directive from an upstream component, but the software does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the software's control sphere. This causes the software to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.Confused Deputy
*Weakness BaseWeakness BaseImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - (79)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.XSSCSS
*Weakness BaseWeakness BaseImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - (78)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Shell injectionShell metacharacters
*Weakness BaseWeakness BaseImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - (89)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
*Weakness BaseWeakness BaseInformation Exposure Through an Error Message - (209)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 209 (Information Exposure Through an Error Message)
The software generates an error message that includes sensitive information about its environment, users, or associated data.
*Weakness VariantWeakness VariantURL Redirection to Untrusted Site ('Open Redirect') - (601)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 601 (URL Redirection to Untrusted Site ('Open Redirect'))
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.Open RedirectCross-site RedirectCross-domain Redirect
*Weakness BaseWeakness BaseUnrestricted Upload of File with Dangerous Type - (434)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 801 (2010 Top 25 - Insecure Interaction Between Components) > 434 (Unrestricted Upload of File with Dangerous Type)
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.Unrestricted File Upload
+CategoryCategory2010 Top 25 - Porous Defenses - (803)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses)
Weaknesses in this category are listed in the "Porous Defenses" section of the 2010 CWE/SANS Top 25 Programming Errors.
*Weakness ClassWeakness ClassImproper Authorization - (285)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 285 (Improper Authorization)
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.AuthZ
*Weakness ClassWeakness ClassIncorrect Permission Assignment for Critical Resource - (732)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 732 (Incorrect Permission Assignment for Critical Resource)
The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
*Weakness VariantWeakness VariantMissing Authentication for Critical Function - (306)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 306 (Missing Authentication for Critical Function)
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
*Weakness BaseWeakness BaseMissing Encryption of Sensitive Data - (311)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 311 (Missing Encryption of Sensitive Data)
The software does not encrypt sensitive or critical information before storage or transmission.
*Weakness BaseWeakness BaseReliance on Untrusted Inputs in a Security Decision - (807)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 807 (Reliance on Untrusted Inputs in a Security Decision)
The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
*Weakness BaseWeakness BaseUse of Hard-coded Credentials - (798)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 798 (Use of Hard-coded Credentials)
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
*Weakness BaseWeakness BaseUse of a Broken or Risky Cryptographic Algorithm - (327)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 803 (2010 Top 25 - Porous Defenses) > 327 (Use of a Broken or Risky Cryptographic Algorithm)
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
+CategoryCategory2010 Top 25 - Risky Resource Management - (802)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management)
Weaknesses in this category are listed in the "Risky Resource Management" section of the 2010 CWE/SANS Top 25 Programming Errors.
*Weakness BaseWeakness BaseAllocation of Resources Without Limits or Throttling - (770)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 770 (Allocation of Resources Without Limits or Throttling)
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how many resources can be allocated, in violation of the intended security policy for that actor.
*Weakness BaseWeakness BaseBuffer Access with Incorrect Length Value - (805)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 805 (Buffer Access with Incorrect Length Value)
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
*Weakness BaseWeakness BaseBuffer Copy without Checking Size of Input ('Classic Buffer Overflow') - (120)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.buffer overrunUnbounded Transfer
*Weakness BaseWeakness BaseDownload of Code Without Integrity Check - (494)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 494 (Download of Code Without Integrity Check)
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
*Weakness ClassWeakness ClassImproper Check for Unusual or Exceptional Conditions - (754)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 754 (Improper Check for Unusual or Exceptional Conditions)
The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
*Weakness BaseWeakness BaseImproper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') - (98)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 98 (Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion'))
The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.Remote file includeRFILocal file inclusion
*Weakness ClassWeakness ClassImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - (22)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Directory traversalPath traversal
*Weakness BaseWeakness BaseImproper Validation of Array Index - (129)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 129 (Improper Validation of Array Index)
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. out-of-bounds array indexindex-out-of-rangearray index underflow
*Weakness BaseWeakness BaseIncorrect Calculation of Buffer Size - (131)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 131 (Incorrect Calculation of Buffer Size)
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
*Weakness BaseWeakness BaseInteger Overflow or Wraparound - (190)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 802 (2010 Top 25 - Risky Resource Management) > 190 (Integer Overflow or Wraparound)
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
+CategoryCategory2010 Top 25 - Weaknesses On the Cusp - (808)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp)
Weaknesses in this category are not part of the general Top 25, but they were part of the original nominee list from which the Top 25 was drawn.
*Weakness BaseWeakness BaseExposed Dangerous Method or Function - (749)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 749 (Exposed Dangerous Method or Function)
The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
*Weakness BaseWeakness BaseExternal Initialization of Trusted Variables or Data Stores - (454)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 454 (External Initialization of Trusted Variables or Data Stores)
The software initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.
*Weakness BaseWeakness BaseGuessable CAPTCHA - (804)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 804 (Guessable CAPTCHA)
The software uses a CAPTCHA challenge, but the challenge can be guessed or automatically recognized by a non-human actor.
*Weakness ClassWeakness ClassImproper Control of Interaction Frequency - (799)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 799 (Improper Control of Interaction Frequency)
The software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.Insufficient anti-automationBrute force
*Weakness BaseWeakness BaseImproper Cross-boundary Removal of Sensitive Data - (212)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 212 (Improper Cross-boundary Removal of Sensitive Data)
The software uses a resource that contains sensitive data, but it does not properly remove that data before it stores, transfers, or shares the resource with actors in another control sphere.
*Weakness BaseWeakness BaseImproper Link Resolution Before File Access ('Link Following') - (59)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 59 (Improper Link Resolution Before File Access ('Link Following'))
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.insecure temporary file
*Weakness BaseWeakness BaseImproper Restriction of Excessive Authentication Attempts - (307)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 307 (Improper Restriction of Excessive Authentication Attempts)
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.
*Weakness BaseWeakness BaseIncorrect Conversion between Numeric Types - (681)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 681 (Incorrect Conversion between Numeric Types)
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
*Weakness BaseWeakness BaseMissing Initialization of a Variable - (456)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 456 (Missing Initialization of a Variable)
The software does not initialize critical variables, which causes the execution environment to use unexpected values.
*Weakness BaseWeakness BaseMissing Release of Resource after Effective Lifetime - (772)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 772 (Missing Release of Resource after Effective Lifetime)
The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
*Weakness BaseWeakness BaseNULL Pointer Dereference - (476)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 476 (NULL Pointer Dereference)
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
*Weakness BaseWeakness BaseOperation on a Resource after Expiration or Release - (672)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 672 (Operation on a Resource after Expiration or Release)
The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
+Compound Element: CompositeCompound Element: CompositeUntrusted Search Path - (426)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 426 (Untrusted Search Path)
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.Untrusted Path
*Weakness ClassWeakness ClassContainment Errors (Container Errors) - (216)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 426 (Untrusted Search Path) > 216 (Containment Errors (Container Errors))
This tries to cover various problems in which improper data are included within a "container."
*Weakness BaseWeakness BaseModification of Assumed-Immutable Data (MAID) - (471)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 426 (Untrusted Search Path) > 471 (Modification of Assumed-Immutable Data (MAID))
The software does not properly protect an assumed-immutable element from being modified by an attacker.
*CategoryCategoryPermission Issues - (275)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 426 (Untrusted Search Path) > 275 (Permission Issues)
Weaknesses in this category are related to improper assignment or handling of permissions.
*Weakness BaseWeakness BaseUse After Free - (416)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 416 (Use After Free)
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Dangling pointerUse-After-Free
*Weakness BaseWeakness BaseUse of Externally-Controlled Format String - (134)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 134 (Use of Externally-Controlled Format String)
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
*Weakness ClassWeakness ClassUse of Insufficiently Random Values - (330)
800 (Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors) > 808 (2010 Top 25 - Weaknesses On the Cusp) > 330 (Use of Insufficiently Random Values)
The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
+ References
"2010 CWE/SANS Top 25 Most Dangerous Programming Errors". 2010-02-04. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2010-01-15Internal CWE Team
+ View Metrics
CWEs in this viewTotal CWEs
Total45out of1006
Views0out of33
Categories4out of245
Weaknesses39out of720
Compound_Elements2out of8

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017