CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: 2011 Top 25 - Porous Defenses

Category ID: 866
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are listed in the "Porous Defenses" section of the 2011 CWE/SANS Top 25 Most Dangerous Software Errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class250Execution with Unnecessary Privileges
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness VariantWeakness Variant306Missing Authentication for Critical Function
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base307Improper Restriction of Excessive Authentication Attempts
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base311Missing Encryption of Sensitive Data
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base327Use of a Broken or Risky Cryptographic Algorithm
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base759Use of a One-Way Hash without a Salt
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base798Use of Hard-coded Credentials
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness BaseWeakness Base807Reliance on Untrusted Inputs in a Security Decision
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness ClassWeakness Class862Missing Authorization
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
ParentOfWeakness ClassWeakness Class863Incorrect Authorization
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
MemberOfViewView900Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors (primary)900
+ References
"2011 CWE/SANS Top 25 Most Dangerous Software Errors". 2011-06-27. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2011-06-25Internal CWE Team

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017