CWE - CWE-809: Weaknesses in OWASP Top Ten (2010) (2.2)

Home > CWE List > CWE- Individual Dictionary Definition (2.2)

CWE List
Full Dictionary View
Development View
Research View
Reports

About
Sources
Process
Documents
FAQs

Community
SwA On-Ramp
T-Shirt
Discussion List
Discussion Archives

Scoring
CWSS
CWRAF
CWE/SANS Top 25

Compatibility
Requirements
Coverage Claims Representation
Compatible Products
Make a Declaration

News
Calendar
Free Newsletter

Contact Us
Search the Site

CWE-809: Weaknesses in OWASP Top Ten (2010)

Weaknesses in OWASP Top Ten (2010)

View ID: 809 (View: Graph)

Status: Incomplete

View Data

View Objective

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2010.

View Metrics

	CWEs in this view		Total CWEs
Total	41	out of	909
Views	0	out of	29
Categories	10	out of	178
Weaknesses	30	out of	693
Compound_Elements	1	out of	9

View Audience

Stakeholder	Description
Developers	This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing a good starting point for web application developers who want to code more securely.
Software_Customers	This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.
Educators	Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to
HasMember	Category	810	OWASP Top Ten 2010 Category A1 - Injection	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	811	OWASP Top Ten 2010 Category A2 - Cross-Site Scripting (XSS)	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	812	OWASP Top Ten 2010 Category A3 - Broken Authentication and Session Management	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	813	OWASP Top Ten 2010 Category A4 - Insecure Direct Object References	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	814	OWASP Top Ten 2010 Category A5 - Cross-Site Request Forgery(CSRF)	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	815	OWASP Top Ten 2010 Category A6 - Security Misconfiguration	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	816	OWASP Top Ten 2010 Category A7 - Insecure Cryptographic Storage	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	817	OWASP Top Ten 2010 Category A8 - Failure to Restrict URL Access	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	818	OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection	Weaknesses in OWASP Top Ten (2010) (primary)809
HasMember	Category	819	OWASP Top Ten 2010 Category A10 - Unvalidated Redirects and Forwards	Weaknesses in OWASP Top Ten (2010) (primary)809

Relationship Notes

The relationships in this view are a direct extraction of the CWE mappings that are in the 2010 OWASP document. CWE has changed since the release of that document.

References

"Top 10 2010". OWASP. 2010-04-19. <http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project>.

Content History

Submissions
Submission Date	Submitter	Organization	Source
2010-06-17		MITRE	Internal CWE Team
2010-06-17

Page Last Updated: May 14, 2012


	CWE is co-sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2006-2012, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation. Contact cwe@mitre.org for more information.	Privacy policy Terms of use Contact us