CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE VIEW: Weaknesses Used by NVD

View ID: 635
Structure: Explicit Slice
Status: Draft
Presentation Filter:
+ View Data

View Objective

CWE nodes in this view (slice) were used by NIST to categorize vulnerabilities within NVD, from 2007 to 2016.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberCategoryCategory16Configuration
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class20Improper Input Validation
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Weaknesses Used by NVD (primary)635
HasMemberWeakness BaseWeakness Base59Improper Link Resolution Before File Access ('Link Following')
Weaknesses Used by NVD (primary)635
HasMemberWeakness BaseWeakness Base78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Weaknesses Used by NVD (primary)635
HasMemberWeakness BaseWeakness Base79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Weaknesses Used by NVD (primary)635
HasMemberWeakness BaseWeakness Base89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class94Improper Control of Generation of Code ('Code Injection')
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class119Improper Restriction of Operations within the Bounds of a Memory Buffer
Weaknesses Used by NVD (primary)635
HasMemberWeakness BaseWeakness Base134Use of Externally-Controlled Format String
Weaknesses Used by NVD (primary)635
HasMemberCategoryCategory189Numeric Errors
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class200Information Exposure
Weaknesses Used by NVD (primary)635
HasMemberCategoryCategory255Credentials Management
Weaknesses Used by NVD (primary)635
HasMemberCategoryCategory264Permissions, Privileges, and Access Controls
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class287Improper Authentication
Weaknesses Used by NVD (primary)635
HasMemberCategoryCategory310Cryptographic Issues
Weaknesses Used by NVD (primary)635
HasMemberCompound Element: CompositeCompound Element: Composite352Cross-Site Request Forgery (CSRF)
Weaknesses Used by NVD (primary)635
HasMemberWeakness ClassWeakness Class362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Weaknesses Used by NVD (primary)635
HasMemberCategoryCategory399Resource Management Errors
Weaknesses Used by NVD (primary)635
+ References
NIST. "CWE - Common Weakness Enumeration". <http://nvd.nist.gov/cwe.cfm>.
+ Maintenance Notes

This view is effectively obsolete, although it is probably still in active use by CWE consumers.

In Summer 2007, NIST began using this set of CWE elements to classify CVE entries within the National Vulnerability Database (NVD). In 2016, NIST began using a different list as derived from the "Weaknesses for Simplified Mapping of Published Vulnerabilities" view (CWE-1003).

+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Maintenance_Notes, Relationships, References, View_Structure
2017-01-19CWE Content TeamMITREInternal
updated Description, Maintenance_Notes
+ View Metrics
CWEs in this viewTotal CWEs
Total19out of1005
Views0out of33
Categories6out of244
Weaknesses12out of720
Compound_Elements1out of8

More information is available — Please select a different filter.
Page Last Updated: January 19, 2017