CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE CATEGORY: OWASP Top Ten 2004 Category A10 - Insecure Configuration Management

Category ID: 731
Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2004.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfCategoryCategory4J2EE Environment Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory10ASP.NET Environment Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base209Information Exposure Through an Error Message
Weaknesses in OWASP Top Ten (2004)711
ParentOfWeakness VariantWeakness Variant215Information Exposure Through Debug Information
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant219Sensitive Data Under Web Root
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory275Permission Issues
Weaknesses in OWASP Top Ten (2004)711
ParentOfWeakness BaseWeakness Base295Improper Certificate Validation
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base459Incomplete Cleanup
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base489Leftover Debug Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant526Information Exposure Through Environmental Variables
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant527Exposure of CVS Repository to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant528Exposure of Core Dump File to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant529Exposure of Access Control List Files to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant530Exposure of Backup File to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant531Information Exposure Through Test Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant532Information Exposure Through Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant533Information Exposure Through Server Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant534Information Exposure Through Debug Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant540Information Exposure Through Source Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant541Information Exposure Through Include Source Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant542Information Exposure Through Cleanup Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant548Information Exposure Through Directory Listing
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Weaknesses in OWASP Top Ten (2004) (primary)711
MemberOfViewView711Weaknesses in OWASP Top Ten (2004)
Weaknesses in OWASP Top Ten (2004) (primary)711
+ References
OWASP. "A10 Insecure Configuration Management". 2007. <http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=70827>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-08-15VeracodeExternal Submission
Suggested creation of view and provided mappings
Modifications
Modification DateModifierOrganizationSource
2009-03-10CWE Content TeamMITREInternal
updated Relationships

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017