Presentation Filter:
 View Data View Audience RelationshipsShow Details:
900 - Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
  Category2011 Top 25 - Insecure Interaction Between Components - (864)Weaknesses in this category are listed in the "Insecure
Interaction Between Components" section of the 2011 CWE/SANS Top 25 Most
Dangerous Software Errors.  Compound Element: CompositeCross-Site Request Forgery (CSRF) - (352)The web application does not, or can not, sufficiently verify
whether a well-formed, valid, consistent request was intentionally provided by
the user who submitted the request.Session RidingCross Site Reference ForgeryXSRF   Weakness ClassExternal Control of Critical State Data - (642)The software stores security-critical state information about
its users, or the software itself, in a location that is accessible to
unauthorized actors.  Weakness BaseInsufficient Session Expiration - (613)According to WASC, "Insufficient Session Expiration is when a
web site permits an attacker to reuse old session credentials or session IDs for
authorization." Weakness BaseOrigin Validation Error - (346)The software does not properly verify that the source of data
or communication is valid. Weakness ClassUnintended Proxy or Intermediary ('Confused Deputy') - (441)The software receives a request, message, or directive from an
upstream component, but the software does not sufficiently preserve the original
source of the request before forwarding the request to an external actor that is
outside of the software's control sphere. This causes the software to appear to
be the source of the request, leading it to act as a proxy or other intermediary
between the upstream component and the external actor.Confused Deputy Weakness BaseImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - (79)The software does not neutralize or incorrectly neutralizes
user-controllable input before it is placed in output that is used as a web page
that is served to other users.XSSCSS Weakness BaseImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - (78)The software constructs all or part of an OS command using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended OS command when it is sent to a downstream
component.Shell injectionShell metacharacters Weakness BaseImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - (89)The software constructs all or part of an SQL command using
externally-influenced input from an upstream component, but it does not
neutralize or incorrectly neutralizes special elements that could modify the
intended SQL command when it is sent to a downstream
component. Weakness ClassInclusion of Functionality from Untrusted Control Sphere - (829)The software imports, requires, or includes executable
functionality (such as a library) from a source that is outside of the intended
control sphere.  Weakness VariantURL Redirection to Untrusted Site ('Open Redirect') - (601)A web application accepts a user-controlled input that
specifies a link to an external site, and uses that link in a Redirect. This
simplifies phishing attacks.Open RedirectCross-site RedirectCross-domain Redirect Weakness BaseUnrestricted Upload of File with Dangerous Type - (434)The software allows the attacker to upload or transfer files of
dangerous types that can be automatically processed within the product's
environment.Unrestricted File Upload Category2011 Top 25 - Porous Defenses - (866)Weaknesses in this category are listed in the "Porous Defenses"
section of the 2011 CWE/SANS Top 25 Most Dangerous Software
Errors. Weakness ClassExecution with Unnecessary Privileges - (250)The software performs an operation at a privilege level that is
higher than the minimum level required, which creates new weaknesses or
amplifies the consequences of other weaknesses. Weakness BaseImproper Restriction of Excessive Authentication Attempts - (307)The software does not implement sufficient measures to prevent
multiple failed authentication attempts within in a short time frame, making it
more susceptible to brute force attacks. Weakness ClassIncorrect Authorization - (863)The software performs an authorization check when an actor
attempts to access a resource or perform an action, but it does not correctly
perform the check. This allows attackers to bypass intended access
restrictions.AuthZ Weakness ClassIncorrect Permission Assignment for Critical Resource - (732)The software specifies permissions for a security-critical
resource in a way that allows that resource to be read or modified by unintended
actors. Weakness VariantMissing Authentication for Critical Function - (306)The software does not perform any authentication for
functionality that requires a provable user identity or consumes a significant
amount of resources. Weakness ClassMissing Authorization - (862)The software does not perform an authorization check when an
actor attempts to access a resource or perform an action.AuthZ Weakness BaseMissing Encryption of Sensitive Data - (311)The software does not encrypt sensitive or critical information
before storage or transmission. Weakness BaseReliance on Untrusted Inputs in a Security Decision - (807)The application uses a protection mechanism that relies on the
existence or values of an input, but the input can be modified by an untrusted
actor in a way that bypasses the protection mechanism. Weakness BaseUse of Hard-coded Credentials - (798)The software contains hard-coded credentials, such as a
password or cryptographic key, which it uses for its own inbound authentication,
outbound communication to external components, or encryption of internal
data. Weakness BaseUse of a Broken or Risky Cryptographic Algorithm - (327)The use of a broken or risky cryptographic algorithm is an
unnecessary risk that may result in the exposure of sensitive
information. Weakness BaseUse of a One-Way Hash without a Salt - (759)The software uses a one-way cryptographic hash against an input
that should not be reversible, such as a password, but the software does not
also use a salt as part of the input. Category2011 Top 25 - Risky Resource Management - (865)Weaknesses in this category are listed in the "Risky Resource
Management" section of the 2011 CWE/SANS Top 25 Most Dangerous Software
Errors. Weakness BaseBuffer Copy without Checking Size of Input ('Classic Buffer Overflow') - (120)The program copies an input buffer to an output buffer without
verifying that the size of the input buffer is less than the size of the output
buffer, leading to a buffer overflow.buffer overrunUnbounded Transfer Weakness BaseDownload of Code Without Integrity Check - (494)The product downloads source code or an executable from a
remote location and executes the code without sufficiently verifying the origin
and integrity of the code. Weakness ClassImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - (22)The software uses external input to construct a pathname that
is intended to identify a file or directory that is located underneath a
restricted parent directory, but the software does not properly neutralize
special elements within the pathname that can cause the pathname to resolve to a
location that is outside of the restricted directory.Directory traversalPath traversal Weakness BaseIncorrect Calculation of Buffer Size - (131)The software does not correctly calculate the size to be used
when allocating a buffer, which could lead to a buffer
overflow. Weakness BaseInteger Overflow or Wraparound - (190)The software performs a calculation that can produce an integer
overflow or wraparound, when the logic assumes that the resulting value will
always be larger than the original value. This can introduce other weaknesses
when the calculation is used for resource management or execution
control. Weakness BaseUse of Externally-Controlled Format String - (134)The software uses a function that accepts a format string as an
argument, but the format string originates from an external
source. Weakness BaseUse of Potentially Dangerous Function - (676)The program invokes a potentially dangerous function that could
introduce a vulnerability if it is used incorrectly, but the function can also
be used safely. Category2011 Top 25 - Weaknesses On the Cusp - (867)Weaknesses in this category are not part of the general Top 25,
but they were part of the original nominee list from which the Top 25 was
drawn. Weakness BaseAllocation of Resources Without Limits or Throttling - (770)The software allocates a reusable resource or group of
resources on behalf of an actor without imposing any restrictions on how many
resources can be allocated, in violation of the intended security policy for
that actor. Weakness BaseBuffer Access with Incorrect Length Value - (805)The software uses a sequential operation to read or write a
buffer, but it uses an incorrect length value that causes it to access memory
that is outside of the bounds of the buffer. Weakness ClassConcurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') - (362)The program contains a code sequence that can run concurrently
with other code, and the code sequence requires temporary, exclusive access to a
shared resource, but a timing window exists in which the shared resource can be
modified by another code sequence that is operating
concurrently. Weakness BaseExpired Pointer Dereference - (825)The program dereferences a pointer that contains a location for
memory that was previously valid, but is no longer valid.Dangling pointer Weakness ClassImproper Check for Unusual or Exceptional Conditions - (754)The software does not check or improperly checks for unusual or
exceptional conditions that are not expected to occur frequently during day to
day operation of the software. Weakness BaseImproper Cross-boundary Removal of Sensitive Data - (212)The software uses a resource that contains sensitive data, but
it does not properly remove that data before it stores, transfers, or shares the
resource with actors in another control sphere. Weakness BaseImproper Enforcement of Behavioral Workflow - (841)The software supports a session in which more than one behavior
must be performed by an actor, but it does not properly ensure that the actor
performs the behaviors in the required sequence. Weakness BaseImproper Validation of Array Index - (129)The product uses untrusted input when calculating or using an
array index, but the product does not validate or incorrectly validates the
index to ensure the index references a valid position within the array.
out-of-bounds array indexindex-out-of-rangearray index underflow Weakness BaseInappropriate Encoding for Output Context - (838)The software uses or specifies an encoding when generating
output to a downstream component, but the specified encoding is not the same as
the encoding that is expected by the downstream component. Weakness BaseIncorrect Conversion between Numeric Types - (681)When converting from one data type to another, such as long to
integer, data can be omitted or translated in a way that produces unexpected
values. If the resulting values are used in a sensitive context, then dangerous
behaviors may occur. Weakness BaseInformation Exposure Through an Error Message - (209)The software generates an error message that includes sensitive
information about its environment, users, or associated
data. Weakness BaseMissing Initialization of a Variable - (456)The software does not initialize critical variables, which
causes the execution environment to use unexpected values. Weakness BaseMissing Release of Resource after Effective Lifetime - (772)The software does not release a resource after its effective
lifetime has ended, i.e., after the resource is no longer
needed. Weakness BaseNULL Pointer Dereference - (476)A NULL pointer dereference occurs when the application
dereferences a pointer that it expects to be valid, but is NULL, typically
causing a crash or exit. Weakness BaseUntrusted Pointer Dereference - (822)The program obtains a value from an untrusted source, converts
this value to a pointer, and dereferences the resulting pointer. Weakness ClassUse of Insufficiently Random Values - (330)The software may use insufficiently random numbers or values in
a security context that depends on unpredictable numbers. References Content History View MetricsMore information is available — Please select a different filter. |
|
|
|||
