CWE - CWE-801: 2010 Top 25 - Insecure Interaction Between Components (2.4)

Home > CWE List > CWE- Individual Dictionary Definition (2.4)

CWE List
Full Dictionary View
Development View
Research View
Reports

About
Sources
Process
Documents
FAQs

Community
SwA On-Ramp
T-Shirt
Discussion List
Discussion Archives
Contact Us

Scoring
CWSS
CWRAF
CWE/SANS Top 25

Compatibility
Requirements
Coverage Claims Representation
Compatible Products
Make a Declaration

News
Calendar
Free Newsletter

Search the Site

CWE-801: 2010 Top 25 - Insecure Interaction Between Components

2010 Top 25 - Insecure Interaction Between Components

Category ID: 801 (Category)

Status: Incomplete

Description

Description Summary

Weaknesses in this category are listed in the "Insecure Interaction Between Components" section of the 2010 CWE/SANS Top 25 Programming Errors.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
ParentOf	Weakness Base	78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Base	79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Base	89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Base	209	Information Exposure Through an Error Message	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Compound Element: Composite	352	Cross-Site Request Forgery (CSRF)	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Class	362	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Base	434	Unrestricted Upload of File with Dangerous Type	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOf	Weakness Variant	601	URL Redirection to Untrusted Site ('Open Redirect')	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
MemberOf	View	800	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors	Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800

References

"2010 CWE/SANS Top 25 Most Dangerous Programming Errors". 2010-02-04. <http://cwe.mitre.org/top25>.

Content History

Submissions
Submission Date	Submitter	Organization	Source
2010-01-15			Internal CWE Team
2010-01-15

Page Last Updated: February 20, 2013


	CWE is co-sponsored by the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2006-2013, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us