CWE

Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types

CWE Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (4.0)  
ID

CWE CATEGORY: SFP Secondary Cluster: Hardcoded Sensitive Data

Category ID: 950
Status: Incomplete
+ Summary
This category identifies Software Fault Patterns (SFPs) within the Hardcoded Sensitive Data cluster (SFP33).
+ Membership
NatureTypeIDName
MemberOfCategoryCategory - a CWE entry that contains a set of other entries that share a common characteristic.898SFP Primary Cluster: Authentication
HasMemberVariantVariant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.258Empty Password in Configuration File
HasMemberVariantVariant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.259Use of Hard-coded Password
HasMemberVariantVariant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.321Use of Hard-coded Cryptographic Key
HasMemberVariantVariant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.547Use of Hard-coded, Security-relevant Constants
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-07-29CWE Content TeamMITRE
Modifications
Modification DateModifierOrganization
2020-02-24CWE Content TeamMITRE
updated Description
More information is available — Please select a different filter.
Page Last Updated: February 20, 2020