CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types
CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: 2010 Top 25 - Porous Defenses

Category ID: 803
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are listed in the "Porous Defenses" section of the 2010 CWE/SANS Top 25 Programming Errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class285Improper Authorization
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness VariantWeakness Variant306Missing Authentication for Critical Function
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base311Missing Encryption of Sensitive Data
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base327Use of a Broken or Risky Cryptographic Algorithm
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base798Use of Hard-coded Credentials
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base807Reliance on Untrusted Inputs in a Security Decision
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
MemberOfViewView800Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
+ References
"2010 CWE/SANS Top 25 Most Dangerous Programming Errors". 2010-02-04. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2010-01-15Internal CWE Team

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017 
 

Use of the Common Weakness Enumeration and the associated references from this website are subject to the Terms of Use. For more information, please email cwe@mitre.org.

CWE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2006-2017, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.
Privacy policy
Terms of use
Contact us