CWE VIEW: Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
CWE entries in this view (graph) are listed in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors.
The following graph shows the tree-like relationships between weaknesses that exist at different levels of abstraction. At the highest level, categories and classes exist to group weaknesses. A category is a CWE entry that contains a set of other entries that share a common characteristic. A class is a weakness that is described in a very abstract fashion, typically independent of any specific language or technology, and is more general than a base weakness. Within classes, base level weaknesses are used to present a more specific type of weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. A variant is a weakness that is described at a very low level of detail, typically limited to a specific language or technology. A chain is a set of weaknesses that must be reachable consecutively in order to produce an exploitable vulnerability. A composite is a set of weaknesses that must all be present simultaneously in order to produce an exploitable vulnerability.
900 - Weaknesses in the 2011 CWE/SANS Top 25 Most Dangerous Software Errors
- 867 (2011 Top 25 - Weaknesses On the Cusp): Weaknesses in this category are not part of the general Top 25, but they were part of the original nominee list from which the Top 25 was drawn.
  - 129 (Improper Validation of Array Index): The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. Alternate terms: out-of-bounds array index; index-out-of-range; array index underflow.
  - 209 (Information Exposure Through an Error Message): The software generates an error message that includes sensitive information about its environment, users, or associated data.
  - 212 (Improper Cross-boundary Removal of Sensitive Data): The software uses a resource that contains sensitive data, but it does not properly remove that data before it stores, transfers, or shares the resource with actors in another control sphere.
  - 330 (Use of Insufficiently Random Values): The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
  - 362 (Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')): The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
  - 456 (Missing Initialization of a Variable): The software does not initialize critical variables, which causes the execution environment to use unexpected values.
  - 476 (NULL Pointer Dereference): A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
  - 681 (Incorrect Conversion between Numeric Types): When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
  - 754 (Improper Check for Unusual or Exceptional Conditions): The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
  - 770 (Allocation of Resources Without Limits or Throttling): The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how many resources can be allocated, in violation of the intended security policy for that actor.
  - 772 (Missing Release of Resource after Effective Lifetime): The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
  - 805 (Buffer Access with Incorrect Length Value): The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
  - 822 (Untrusted Pointer Dereference): The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
  - 825 (Expired Pointer Dereference): The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid. Alternate terms: Dangling pointer.
  - 838 (Inappropriate Encoding for Output Context): The software uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the encoding that is expected by the downstream component.
  - 841 (Improper Enforcement of Behavioral Workflow): The software supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.
- 866 (2011 Top 25 - Porous Defenses): Weaknesses in this category are listed in the "Porous Defenses" section of the 2011 CWE/SANS Top 25 Most Dangerous Software Errors.
  - 250 (Execution with Unnecessary Privileges): The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
  - 306 (Missing Authentication for Critical Function): The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
  - 307 (Improper Restriction of Excessive Authentication Attempts): The software does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.
  - 311 (Missing Encryption of Sensitive Data): The software does not encrypt sensitive or critical information before storage or transmission.
  - 327 (Use of a Broken or Risky Cryptographic Algorithm): The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
  - 732 (Incorrect Permission Assignment for Critical Resource): The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
  - 759 (Use of a One-Way Hash without a Salt): The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input.
  - 798 (Use of Hard-coded Credentials): The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
  - 807 (Reliance on Untrusted Inputs in a Security Decision): The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
  - 862 (Missing Authorization): The software does not perform an authorization check when an actor attempts to access a resource or perform an action. Alternate terms: AuthZ.
  - 863 (Incorrect Authorization): The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. Alternate terms: AuthZ.
- 865 (2011 Top 25 - Risky Resource Management): Weaknesses in this category are listed in the "Risky Resource Management" section of the 2011 CWE/SANS Top 25 Most Dangerous Software Errors.
  - 120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')): The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Alternate terms: buffer overrun; Unbounded Transfer.
  - 131 (Incorrect Calculation of Buffer Size): The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
  - 134 (Use of Externally-Controlled Format String): The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
  - 190 (Integer Overflow or Wraparound): The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
  - 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')): The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Alternate terms: Directory traversal; Path traversal.
  - 494 (Download of Code Without Integrity Check): The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
  - 676 (Use of Potentially Dangerous Function): The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
- 864 (2011 Top 25 - Insecure Interaction Between Components): Weaknesses in this category are listed in the "Insecure Interaction Between Components" section of the 2011 CWE/SANS Top 25 Most Dangerous Software Errors.
  - 352 (Cross-Site Request Forgery (CSRF)): The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. Alternate terms: Session Riding; Cross Site Reference Forgery; XSRF.
  - 434 (Unrestricted Upload of File with Dangerous Type): The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. Alternate terms: Unrestricted File Upload.
  - 601 (URL Redirection to Untrusted Site ('Open Redirect')): A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. Alternate terms: Open Redirect; Cross-site Redirect; Cross-domain Redirect.
  - 78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')): The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. Alternate terms: Shell injection; Shell metacharacters.
  - 79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')): The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Alternate terms: XSS; HTML Injection; CSS.
  - 829 (Inclusion of Functionality from Untrusted Control Sphere): The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
  - 89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')): The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
Page Last Updated: March 29, 2018
Use of the Common Weakness Enumeration and the associated references from this website are subject to the Terms of Use. For more information, please email cwe@mitre.org. CWE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2006-2017, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.