CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.1)  
ID

CWE VIEW: Weaknesses in Mobile Applications

View ID: 919
Type: Implicit
Status: Incomplete
Downloads: Booklet | CSV | XML
+ Objective
CWE entries in this view (slice) are often seen in mobile applications.
+ Filter
/Weakness_Catalog/Weaknesses/Weakness[./Applicable_Platforms/Paradigm/@Name='Mobile']
+ Membership
NatureTypeIDName
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.200Information Exposure
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.250Execution with Unnecessary Privileges
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.295Improper Certificate Validation
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.297Improper Validation of Certificate with Host Mismatch
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.312Cleartext Storage of Sensitive Information
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.319Cleartext Transmission of Sensitive Information
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.359Exposure of Private Information ('Privacy Violation')
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.511Logic/Time Bomb
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.672Operation on a Resource after Expiration or Release
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.772Missing Release of Resource after Effective Lifetime
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.798Use of Hard-coded Credentials
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.920Improper Restriction of Power Consumption
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.921Storage of Sensitive Data in a Mechanism without Access Control
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.925Improper Verification of Intent by Broadcast Receiver
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.926Improper Export of Android Application Components
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.927Use of Implicit Intent for Sensitive Communication
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.939Improper Authorization in Handler for Custom URL Scheme
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.940Improper Verification of Source of a Communication Channel
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.941Incorrectly Specified Destination in a Communication Channel
+ View Metrics
CWEs in this viewTotal CWEs
Weaknesses19out of 716
Categories0out of 247
Views0out of 32
Total19out of995
+ Content History
Submissions
Submission DateSubmitterOrganization
2013-05-29CWE Content TeamMITRE

More information is available — Please select a different filter.
Page Last Updated: March 29, 2018