CWE - CWE-709: Named Chains (4.5)

CWE Top 25 Most Dangerous Weaknesses

Home > CWE List > CWE- Individual Dictionary Definition (4.5)

CWE VIEW: Named Chains

View ID: 709

Type: Implicit

Status: Incomplete

Downloads: Booklet | CSV | XML

Objective

This view displays Named Chains and their components.

Filter

/Weakness_Catalog/Weaknesses/Weakness[@Structure='Chain']

Membership

Nature	Type	ID	Name
HasMember	Chain - a Compound Element that is a sequence of two or more separate weaknesses that can be closely linked together within software. One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. When this happens, CWE refers to X as "primary" to Y, and Y is "resultant" from X. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure.	680	Integer Overflow to Buffer Overflow
HasMember	Chain - a Compound Element that is a sequence of two or more separate weaknesses that can be closely linked together within software. One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. When this happens, CWE refers to X as "primary" to Y, and Y is "resultant" from X. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure.	690	Unchecked Return Value to NULL Pointer Dereference
HasMember	Chain - a Compound Element that is a sequence of two or more separate weaknesses that can be closely linked together within software. One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. When this happens, CWE refers to X as "primary" to Y, and Y is "resultant" from X. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure.	692	Incomplete Denylist to Cross-Site Scripting

View Metrics

	CWEs in this view		Total CWEs
Weaknesses	3	out of	922
Categories	0	out of	316
Views	0	out of	44
Total	3	out of	1282

Content History

Submissions
Submission Date	Submitter	Organization
2008-09-09	CWE Content Team	MITRE
2008-09-09
Modifications
Modification Date	Modifier	Organization
2017-11-08	CWE Content Team	MITRE
2017-11-08	updated Description, View_Structure

More information is available — Please select a different filter.

Page Last Updated: July 20, 2021


	Site Map \| Terms of Use \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006-2021, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.