-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcwe.json
3762 lines (3762 loc) · 244 KB
/
cwe.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
[
{
"name": "CWE-5: J2EE Misconfiguration: Data Transmission Without Encryption",
"description": "Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted."
},
{
"name": "CWE-6: J2EE Misconfiguration: Insufficient Session-ID Length",
"description": "The J2EE application is configured to use an insufficient session ID length."
},
{
"name": "CWE-7: J2EE Misconfiguration: Missing Custom Error Page",
"description": "The default error page of a web application should not display sensitive information about the product."
},
{
"name": "CWE-8: J2EE Misconfiguration: Entity Bean Declared Remote",
"description": "When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to read sensitive information, or to change data in ways that violate the application's expectations, potentially leading to other vulnerabilities."
},
{
"name": "CWE-9: J2EE Misconfiguration: Weak Access Permissions for EJB Methods",
"description": "If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the product."
},
{
"name": "CWE-11: ASP.NET Misconfiguration: Creating Debug Binary",
"description": "Debugging messages help attackers learn about the system and plan a form of attack."
},
{
"name": "CWE-12: ASP.NET Misconfiguration: Missing Custom Error Page",
"description": "An ASP .NET application must enable custom error pages in order to prevent attackers from mining information from the framework's built-in responses."
},
{
"name": "CWE-13: ASP.NET Misconfiguration: Password in Configuration File",
"description": "Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers."
},
{
"name": "CWE-14: Compiler Removal of Code to Clear Buffers",
"description": "Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka \"dead store removal.\""
},
{
"name": "CWE-15: External Control of System or Configuration Setting",
"description": "One or more system settings or configuration elements can be externally controlled by a user."
},
{
"name": "CWE-20: Improper Input Validation",
"description": "The product receives input or data, but it does\n not validate or incorrectly validates that the input has the\n properties that are required to process the data safely and\n correctly."
},
{
"name": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory."
},
{
"name": "CWE-23: Relative Path Traversal",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as \"..\" that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-24: Path Traversal: '../filedir'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize \"../\" sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-25: Path Traversal: '/../filedir'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize \"/../\" sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-26: Path Traversal: '/dir/../filename'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize \"/dir/../filename\" sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-27: Path Traversal: 'dir/../../filename'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize multiple internal \"../\" sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-28: Path Traversal: '..\\filedir'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize \"..\\\" sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-29: Path Traversal: '\\..\\filename'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\\..\\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-30: Path Traversal: '\\dir\\..\\filename'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\\dir\\..\\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-31: Path Traversal: 'dir\\..\\..\\filename'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize 'dir\\..\\..\\filename' (multiple internal backslash dot dot) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-32: Path Traversal: '...' (Triple Dot)",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '...' (triple dot) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-33: Path Traversal: '....' (Multiple Dot)",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '....' (multiple dot) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-34: Path Traversal: '....//'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '....//' (doubled dot dot slash) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-35: Path Traversal: '.../...//'",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-36: Absolute Path Traversal",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \"/abs/path\" that can resolve to a location that is outside of that directory."
},
{
"name": "CWE-37: Path Traversal: '/absolute/pathname/here'",
"description": "The product accepts input in the form of a slash absolute path ('/absolute/pathname/here') without appropriate validation, which can allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-38: Path Traversal: '\\absolute\\pathname\\here'",
"description": "The product accepts input in the form of a backslash absolute path ('\\absolute\\pathname\\here') without appropriate validation, which can allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-39: Path Traversal: 'C:dirname'",
"description": "The product accepts input that contains a drive letter or Windows volume letter ('C:dirname') that potentially redirects access to an unintended location or arbitrary file."
},
{
"name": "CWE-40: Path Traversal: '\\\\UNC\\share\\name\\' (Windows UNC Share)",
"description": "The product accepts input that identifies a Windows UNC share ('\\\\UNC\\share\\name') that potentially redirects access to an unintended location or arbitrary file."
},
{
"name": "CWE-41: Improper Resolution of Path Equivalence",
"description": "The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object."
},
{
"name": "CWE-42: Path Equivalence: 'filename.' (Trailing Dot)",
"description": "The product accepts path input in the form of trailing dot ('filedir.') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-43: Path Equivalence: 'filename....' (Multiple Trailing Dot)",
"description": "The product accepts path input in the form of multiple trailing dot ('filedir....') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-44: Path Equivalence: 'file.name' (Internal Dot)",
"description": "The product accepts path input in the form of internal dot ('file.ordir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-45: Path Equivalence: 'file...name' (Multiple Internal Dot)",
"description": "The product accepts path input in the form of multiple internal dot ('file...dir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-46: Path Equivalence: 'filename ' (Trailing Space)",
"description": "The product accepts path input in the form of trailing space ('filedir ') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-47: Path Equivalence: ' filename' (Leading Space)",
"description": "The product accepts path input in the form of leading space (' filedir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-48: Path Equivalence: 'file name' (Internal Whitespace)",
"description": "The product accepts path input in the form of internal space ('file(SPACE)name') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-49: Path Equivalence: 'filename/' (Trailing Slash)",
"description": "The product accepts path input in the form of trailing slash ('filedir/') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-50: Path Equivalence: '//multiple/leading/slash'",
"description": "The product accepts path input in the form of multiple leading slash ('//multiple/leading/slash') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-51: Path Equivalence: '/multiple//internal/slash'",
"description": "The product accepts path input in the form of multiple internal slash ('/multiple//internal/slash/') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-52: Path Equivalence: '/multiple/trailing/slash//'",
"description": "The product accepts path input in the form of multiple trailing slash ('/multiple/trailing/slash//') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-53: Path Equivalence: '\\multiple\\\\internal\\backslash'",
"description": "The product accepts path input in the form of multiple internal backslash ('\\multiple\\trailing\\\\slash') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-54: Path Equivalence: 'filedir\\' (Trailing Backslash)",
"description": "The product accepts path input in the form of trailing backslash ('filedir\\') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-55: Path Equivalence: '/./' (Single Dot Directory)",
"description": "The product accepts path input in the form of single dot directory exploit ('/./') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-56: Path Equivalence: 'filedir*' (Wildcard)",
"description": "The product accepts path input in the form of asterisk wildcard ('filedir*') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files."
},
{
"name": "CWE-57: Path Equivalence: 'fakedir/../realdir/filename'",
"description": "The product contains protection mechanisms to restrict access to 'realdir/filename', but it constructs pathnames using external input in the form of 'fakedir/../realdir/filename' that are not handled by those mechanisms. This allows attackers to perform unauthorized actions against the targeted file."
},
{
"name": "CWE-58: Path Equivalence: Windows 8.3 Filename",
"description": "The product contains a protection mechanism that restricts access to a long filename on a Windows operating system, but it does not properly restrict access to the equivalent short \"8.3\" filename."
},
{
"name": "CWE-59: Improper Link Resolution Before File Access ('Link Following')",
"description": "The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource."
},
{
"name": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"description": "The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files."
},
{
"name": "CWE-62: UNIX Hard Link",
"description": "The product, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files."
},
{
"name": "CWE-64: Windows Shortcut Following (.LNK)",
"description": "The product, when opening a file or directory, does not sufficiently handle when the file is a Windows shortcut (.LNK) whose target is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files."
},
{
"name": "CWE-65: Windows Hard Link",
"description": "The product, when opening a file or directory, does not sufficiently handle when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files."
},
{
"name": "CWE-66: Improper Handling of File Names that Identify Virtual Resources",
"description": "The product does not handle or incorrectly handles a file name that identifies a \"virtual\" resource that is not directly specified within the directory that is associated with the file name, causing the product to perform file-based operations on a resource that is not a file."
},
{
"name": "CWE-67: Improper Handling of Windows Device Names",
"description": "The product constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Windows device name such as AUX or CON. This typically leads to denial of service or an information exposure when the application attempts to process the pathname as a regular file."
},
{
"name": "CWE-69: Improper Handling of Windows ::DATA Alternate Data Stream",
"description": "The product does not properly prevent access to, or detect usage of, alternate data streams (ADS)."
},
{
"name": "CWE-72: Improper Handling of Apple HFS+ Alternate Data Stream Path",
"description": "The product does not properly handle special paths that may identify the data or resource fork of a file on the HFS+ file system."
},
{
"name": "CWE-73: External Control of File Name or Path",
"description": "The product allows user input to control or influence paths or file names that are used in filesystem operations."
},
{
"name": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
"description": "The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component."
},
{
"name": "CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
"description": "The product does not adequately filter user-controlled input for special elements with control implications."
},
{
"name": "CWE-76: Improper Neutralization of Equivalent Special Elements",
"description": "The product correctly neutralizes certain special elements, but it improperly neutralizes equivalent special elements."
},
{
"name": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"description": "The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component."
},
{
"name": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component."
},
{
"name": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"description": "The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users."
},
{
"name": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as \"<\", \">\", and \"&\" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages."
},
{
"name": "CWE-81: Improper Neutralization of Script in an Error Message Web Page",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page."
},
{
"name": "CWE-82: Improper Neutralization of Script in Attributes of IMG Tags in a Web Page",
"description": "The web application does not neutralize or incorrectly neutralizes scripting elements within attributes of HTML IMG tags, such as the src attribute."
},
{
"name": "CWE-83: Improper Neutralization of Script in Attributes in a Web Page",
"description": "The product does not neutralize or incorrectly neutralizes \"javascript:\" or other URIs from dangerous attributes within tags, such as onmouseover, onload, onerror, or style."
},
{
"name": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page",
"description": "The web application improperly neutralizes user-controlled input for executable script disguised with URI encodings."
},
{
"name": "CWE-85: Doubled Character XSS Manipulations",
"description": "The web application does not filter user-controlled input for executable script disguised using doubling of the involved characters."
},
{
"name": "CWE-86: Improper Neutralization of Invalid Characters in Identifiers in Web Pages",
"description": "The product does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers."
},
{
"name": "CWE-87: Improper Neutralization of Alternate XSS Syntax",
"description": "The product does not neutralize or incorrectly neutralizes user-controlled input for alternate script syntax."
},
{
"name": "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
"description": "The product constructs a string for a command to be executed by a separate component\nin another control sphere, but it does not properly delimit the\nintended arguments, options, or switches within that command string."
},
{
"name": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"description": "The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data."
},
{
"name": "CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')",
"description": "The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component."
},
{
"name": "CWE-91: XML Injection (aka Blind XPath Injection)",
"description": "The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system."
},
{
"name": "CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')",
"description": "The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs."
},
{
"name": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment."
},
{
"name": "CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. \"eval\")."
},
{
"name": "CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before inserting the input into an executable resource, such as a library, configuration file, or template."
},
{
"name": "CWE-97: Improper Neutralization of Server-Side Includes (SSI) Within a Web Page",
"description": "The product generates a web page, but does not neutralize or incorrectly neutralizes user-controllable input that could be interpreted as a server-side include (SSI) directive."
},
{
"name": "CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')",
"description": "The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in \"require,\" \"include,\" or similar functions."
},
{
"name": "CWE-99: Improper Control of Resource Identifiers ('Resource Injection')",
"description": "The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control."
},
{
"name": "CWE-102: Struts: Duplicate Validation Forms",
"description": "The product uses multiple validation forms with the same name, which might cause the Struts Validator to validate a form that the programmer does not expect."
},
{
"name": "CWE-103: Struts: Incomplete validate() Method Definition",
"description": "The product has a validator form that either does not define a validate() method, or defines a validate() method but does not call super.validate()."
},
{
"name": "CWE-104: Struts: Form Bean Does Not Extend Validation Class",
"description": "If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation."
},
{
"name": "CWE-105: Struts: Form Field Without Validator",
"description": "The product has a form field that is not validated by a corresponding validation form, which can introduce other weaknesses related to insufficient input validation."
},
{
"name": "CWE-106: Struts: Plug-in Framework not in Use",
"description": "When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation."
},
{
"name": "CWE-107: Struts: Unused Validation Form",
"description": "An unused validation form indicates that validation logic is not up-to-date."
},
{
"name": "CWE-108: Struts: Unvalidated Action Form",
"description": "Every Action Form must have a corresponding validation form."
},
{
"name": "CWE-109: Struts: Validator Turned Off",
"description": "Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation."
},
{
"name": "CWE-110: Struts: Validator Without Form Field",
"description": "Validation fields that do not appear in forms they are associated with indicate that the validation logic is out of date."
},
{
"name": "CWE-111: Direct Use of Unsafe JNI",
"description": "When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java."
},
{
"name": "CWE-112: Missing XML Validation",
"description": "The product accepts XML from an untrusted source but does not validate the XML against the proper schema."
},
{
"name": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')",
"description": "The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers."
},
{
"name": "CWE-114: Process Control",
"description": "Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker."
},
{
"name": "CWE-115: Misinterpretation of Input",
"description": "The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion."
},
{
"name": "CWE-116: Improper Encoding or Escaping of Output",
"description": "The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved."
},
{
"name": "CWE-117: Improper Output Neutralization for Logs",
"description": "The product does not neutralize or incorrectly neutralizes output that is written to logs."
},
{
"name": "CWE-118: Incorrect Access of Indexable Resource ('Range Error')",
"description": "The product does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files."
},
{
"name": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"description": "The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data."
},
{
"name": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"description": "The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow."
},
{
"name": "CWE-121: Stack-based Buffer Overflow",
"description": "A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)."
},
{
"name": "CWE-122: Heap-based Buffer Overflow",
"description": "A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc()."
},
{
"name": "CWE-123: Write-what-where Condition",
"description": "Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow."
},
{
"name": "CWE-124: Buffer Underwrite ('Buffer Underflow')",
"description": "The product writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer."
},
{
"name": "CWE-125: Out-of-bounds Read",
"description": "The product reads data past the end, or before the beginning, of the intended buffer."
},
{
"name": "CWE-126: Buffer Over-read",
"description": "The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer."
},
{
"name": "CWE-127: Buffer Under-read",
"description": "The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer."
},
{
"name": "CWE-128: Wrap-around Error",
"description": "Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore \"wraps around\" to a very small, negative, or undefined value."
},
{
"name": "CWE-129: Improper Validation of Array Index",
"description": "The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array."
},
{
"name": "CWE-130: Improper Handling of Length Parameter Inconsistency",
"description": "The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data."
},
{
"name": "CWE-131: Incorrect Calculation of Buffer Size",
"description": "The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow."
},
{
"name": "CWE-134: Use of Externally-Controlled Format String",
"description": "The product uses a function that accepts a format string as an argument, but the format string originates from an external source."
},
{
"name": "CWE-135: Incorrect Calculation of Multi-Byte String Length",
"description": "The product does not correctly calculate the length of strings that can contain wide or multi-byte characters."
},
{
"name": "CWE-138: Improper Neutralization of Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component."
},
{
"name": "CWE-140: Improper Neutralization of Delimiters",
"description": "The product does not neutralize or incorrectly neutralizes delimiters."
},
{
"name": "CWE-141: Improper Neutralization of Parameter/Argument Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component."
},
{
"name": "CWE-142: Improper Neutralization of Value Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value delimiters when they are sent to a downstream component."
},
{
"name": "CWE-143: Improper Neutralization of Record Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as record delimiters when they are sent to a downstream component."
},
{
"name": "CWE-144: Improper Neutralization of Line Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line delimiters when they are sent to a downstream component."
},
{
"name": "CWE-145: Improper Neutralization of Section Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as section delimiters when they are sent to a downstream component."
},
{
"name": "CWE-146: Improper Neutralization of Expression/Command Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component."
},
{
"name": "CWE-147: Improper Neutralization of Input Terminators",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as input terminators when they are sent to a downstream component."
},
{
"name": "CWE-148: Improper Neutralization of Input Leaders",
"description": "The product does not properly handle when a leading character or sequence (\"leader\") is missing or malformed, or if multiple leaders are used when only one should be allowed."
},
{
"name": "CWE-149: Improper Neutralization of Quoting Syntax",
"description": "Quotes injected into a product can be used to compromise a system. As data are parsed, an injected/absent/duplicate/malformed use of quotes may cause the process to take unexpected actions."
},
{
"name": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component."
},
{
"name": "CWE-151: Improper Neutralization of Comment Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as comment delimiters when they are sent to a downstream component."
},
{
"name": "CWE-152: Improper Neutralization of Macro Symbols",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as macro symbols when they are sent to a downstream component."
},
{
"name": "CWE-153: Improper Neutralization of Substitution Characters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as substitution characters when they are sent to a downstream component."
},
{
"name": "CWE-154: Improper Neutralization of Variable Name Delimiters",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as variable name delimiters when they are sent to a downstream component."
},
{
"name": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component."
},
{
"name": "CWE-156: Improper Neutralization of Whitespace",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as whitespace when they are sent to a downstream component."
},
{
"name": "CWE-157: Failure to Sanitize Paired Delimiters",
"description": "The product does not properly handle the characters that are used to mark the beginning and ending of a group of entities, such as parentheses, brackets, and braces."
},
{
"name": "CWE-158: Improper Neutralization of Null Byte or NUL Character",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component."
},
{
"name": "CWE-159: Improper Handling of Invalid Use of Special Elements",
"description": "The product does not properly filter, remove, quote, or otherwise manage the invalid use of special elements in user-controlled input, which could cause adverse effect on its behavior and integrity."
},
{
"name": "CWE-160: Improper Neutralization of Leading Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes leading special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-161: Improper Neutralization of Multiple Leading Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple leading special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-162: Improper Neutralization of Trailing Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-163: Improper Neutralization of Multiple Trailing Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-164: Improper Neutralization of Internal Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes internal special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-165: Improper Neutralization of Multiple Internal Special Elements",
"description": "The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple internal special elements that could be interpreted in unexpected ways when they are sent to a downstream component."
},
{
"name": "CWE-166: Improper Handling of Missing Special Element",
"description": "The product receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing."
},
{
"name": "CWE-167: Improper Handling of Additional Special Element",
"description": "The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided."
},
{
"name": "CWE-168: Improper Handling of Inconsistent Special Elements",
"description": "The product does not properly handle input in which an inconsistency exists between two or more special characters or reserved words."
},
{
"name": "CWE-170: Improper Null Termination",
"description": "The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator."
},
{
"name": "CWE-172: Encoding Error",
"description": "The product does not properly encode or decode the data, resulting in unexpected values."
},
{
"name": "CWE-173: Improper Handling of Alternate Encoding",
"description": "The product does not properly handle when an input uses an alternate encoding that is valid for the control sphere to which the input is being sent."
},
{
"name": "CWE-174: Double Decoding of the Same Data",
"description": "The product decodes the same input twice, which can limit the effectiveness of any protection mechanism that occurs in between the decoding operations."
},
{
"name": "CWE-175: Improper Handling of Mixed Encoding",
"description": "The product does not properly handle when the same input uses several different (mixed) encodings."
},
{
"name": "CWE-176: Improper Handling of Unicode Encoding",
"description": "The product does not properly handle when an input contains Unicode encoding."
},
{
"name": "CWE-177: Improper Handling of URL Encoding (Hex Encoding)",
"description": "The product does not properly handle when all or part of an input has been URL encoded."
},
{
"name": "CWE-178: Improper Handling of Case Sensitivity",
"description": "The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results."
},
{
"name": "CWE-179: Incorrect Behavior Order: Early Validation",
"description": "The product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification."
},
{
"name": "CWE-180: Incorrect Behavior Order: Validate Before Canonicalize",
"description": "The product validates input before it is canonicalized, which prevents the product from detecting data that becomes invalid after the canonicalization step."
},
{
"name": "CWE-181: Incorrect Behavior Order: Validate Before Filter",
"description": "The product validates data before it has been filtered, which prevents the product from detecting data that becomes invalid after the filtering step."
},
{
"name": "CWE-182: Collapse of Data into Unsafe Value",
"description": "The product filters data in a way that causes it to be reduced or \"collapsed\" into an unsafe value that violates an expected security property."
},
{
"name": "CWE-183: Permissive List of Allowed Inputs",
"description": "The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses."
},
{
"name": "CWE-184: Incomplete List of Disallowed Inputs",
"description": "The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete."
},
{
"name": "CWE-185: Incorrect Regular Expression",
"description": "The product specifies a regular expression in a way that causes data to be improperly matched or compared."
},
{
"name": "CWE-186: Overly Restrictive Regular Expression",
"description": "A regular expression is overly restrictive, which prevents dangerous values from being detected."
},
{
"name": "CWE-187: Partial String Comparison",
"description": "The product performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses."
},
{
"name": "CWE-188: Reliance on Data/Memory Layout",
"description": "The product makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintended program behavior."
},
{
"name": "CWE-190: Integer Overflow or Wraparound",
"description": "The product performs a calculation that can\n produce an integer overflow or wraparound when the logic\n assumes that the resulting value will always be larger than\n the original value. This occurs when an integer value is\n incremented to a value that is too large to store in the\n associated representation. When this occurs, the value may\n become a very small or negative number."
},
{
"name": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"description": "The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result."
},
{
"name": "CWE-192: Integer Coercion Error",
"description": "Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types."
},
{
"name": "CWE-193: Off-by-one Error",
"description": "A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value."
},
{
"name": "CWE-194: Unexpected Sign Extension",
"description": "The product performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses."
},
{
"name": "CWE-195: Signed to Unsigned Conversion Error",
"description": "The product uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive."
},
{
"name": "CWE-196: Unsigned to Signed Conversion Error",
"description": "The product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive."
},
{
"name": "CWE-197: Numeric Truncation Error",
"description": "Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion."
},
{
"name": "CWE-198: Use of Incorrect Byte Ordering",
"description": "The product receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used."
},
{
"name": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."
},
{
"name": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"description": "The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor."
},
{
"name": "CWE-202: Exposure of Sensitive Information Through Data Queries",
"description": "When trying to keep information confidential, an attacker can often infer some of the information by using statistics."
},
{
"name": "CWE-203: Observable Discrepancy",
"description": "The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not."
},
{
"name": "CWE-204: Observable Response Discrepancy",
"description": "The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere."
},
{
"name": "CWE-205: Observable Behavioral Discrepancy",
"description": "The product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision process, or (2) differences from other products with equivalent functionality."
},
{
"name": "CWE-206: Observable Internal Behavioral Discrepancy",
"description": "The product performs multiple behaviors that are combined to produce a single result, but the individual behaviors are observable separately in a way that allows attackers to reveal internal state or internal decision points."
},
{
"name": "CWE-207: Observable Behavioral Discrepancy With Equivalent Products",
"description": "The product operates in an environment in which its existence or specific identity should not be known, but it behaves differently than other products with equivalent functionality, in a way that is observable to an attacker."
},
{
"name": "CWE-208: Observable Timing Discrepancy",
"description": "Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not."
},
{
"name": "CWE-209: Generation of Error Message Containing Sensitive Information",
"description": "The product generates an error message that includes sensitive information about its environment, users, or associated data."
},
{
"name": "CWE-210: Self-generated Error Message Containing Sensitive Information",
"description": "The product identifies an error condition and creates its own diagnostic or error messages that contain sensitive information."
},
{
"name": "CWE-211: Externally-Generated Error Message Containing Sensitive Information",
"description": "The product performs an operation that triggers an external diagnostic or error message that is not directly generated or controlled by the product, such as an error generated by the programming language interpreter that a software application uses. The error can contain sensitive system information."
},
{
"name": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
"description": "The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors."
},
{
"name": "CWE-213: Exposure of Sensitive Information Due to Incompatible Policies",
"description": "The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sensitive according to the intended security policies of other stakeholders such as the product's administrator, users, or others whose information is being processed."
},
{
"name": "CWE-214: Invocation of Process Using Visible Sensitive Information",
"description": "A process is invoked with sensitive command-line arguments, environment variables, or other elements that can be seen by other processes on the operating system."
},
{
"name": "CWE-215: Insertion of Sensitive Information Into Debugging Code",
"description": "The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production."
},
{
"name": "CWE-219: Storage of File with Sensitive Data Under Web Root",
"description": "The product stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties."
},
{
"name": "CWE-220: Storage of File With Sensitive Data Under FTP Root",
"description": "The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties."
},
{
"name": "CWE-221: Information Loss or Omission",
"description": "The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis."
},
{
"name": "CWE-222: Truncation of Security-relevant Information",
"description": "The product truncates the display, recording, or processing of security-relevant information in a way that can obscure the source or nature of an attack."
},
{
"name": "CWE-223: Omission of Security-relevant Information",
"description": "The product does not record or display information that would be important for identifying the source or nature of an attack, or determining if an action is safe."
},
{
"name": "CWE-224: Obscured Security-relevant Information by Alternate Name",
"description": "The product records security-relevant information according to an alternate name of the affected entity, instead of the canonical name."
},
{
"name": "CWE-226: Sensitive Information in Resource Not Removed Before Reuse",
"description": "The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or \"zeroize\" the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities."
},
{
"name": "CWE-228: Improper Handling of Syntactically Invalid Structure",
"description": "The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification."
},
{
"name": "CWE-229: Improper Handling of Values",
"description": "The product does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined."
},
{
"name": "CWE-230: Improper Handling of Missing Values",
"description": "The product does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null."
},
{
"name": "CWE-231: Improper Handling of Extra Values",
"description": "The product does not handle or incorrectly handles when more values are provided than expected."
},
{
"name": "CWE-232: Improper Handling of Undefined Values",
"description": "The product does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name."
},
{
"name": "CWE-233: Improper Handling of Parameters",
"description": "The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined."
},
{
"name": "CWE-234: Failure to Handle Missing Parameter",
"description": "If too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well."
},
{
"name": "CWE-235: Improper Handling of Extra Parameters",
"description": "The product does not handle or incorrectly handles when the number of parameters, fields, or arguments with the same name exceeds the expected amount."
},
{
"name": "CWE-236: Improper Handling of Undefined Parameters",
"description": "The product does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product."
},
{
"name": "CWE-237: Improper Handling of Structural Elements",
"description": "The product does not handle or incorrectly handles inputs that are related to complex structures."
},
{
"name": "CWE-238: Improper Handling of Incomplete Structural Elements",
"description": "The product does not handle or incorrectly handles when a particular structural element is not completely specified."
},
{
"name": "CWE-239: Failure to Handle Incomplete Element",
"description": "The product does not properly handle when a particular element is not completely specified."
},
{
"name": "CWE-240: Improper Handling of Inconsistent Structural Elements",
"description": "The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not."
},
{
"name": "CWE-241: Improper Handling of Unexpected Data Type",
"description": "The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z)."
},
{
"name": "CWE-242: Use of Inherently Dangerous Function",
"description": "The product calls a function that can never be guaranteed to work safely."
},
{
"name": "CWE-243: Creation of chroot Jail Without Changing Working Directory",
"description": "The product uses the chroot() system call to create a jail, but does not change the working directory afterward. This does not prevent access to files outside of the jail."
},
{
"name": "CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection')",
"description": "Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory."
},
{
"name": "CWE-245: J2EE Bad Practices: Direct Management of Connections",
"description": "The J2EE application directly manages connections, instead of using the container's connection management facilities."
},
{
"name": "CWE-246: J2EE Bad Practices: Direct Use of Sockets",
"description": "The J2EE application directly uses sockets instead of using framework method calls."
},
{
"name": "CWE-248: Uncaught Exception",
"description": "An exception is thrown from a function, but it is not caught."
},
{
"name": "CWE-250: Execution with Unnecessary Privileges",
"description": "The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses."
},
{
"name": "CWE-252: Unchecked Return Value",
"description": "The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions."
},
{
"name": "CWE-253: Incorrect Check of Function Return Value",
"description": "The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions."
},
{
"name": "CWE-256: Plaintext Storage of a Password",
"description": "Storing a password in plaintext may result in a system compromise."
},
{
"name": "CWE-257: Storing Passwords in a Recoverable Format",
"description": "The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts."
},
{
"name": "CWE-258: Empty Password in Configuration File",
"description": "Using an empty string as a password is insecure."
},
{
"name": "CWE-259: Use of Hard-coded Password",
"description": "The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components."
},
{
"name": "CWE-260: Password in Configuration File",
"description": "The product stores a password in a configuration file that might be accessible to actors who do not know the password."
},
{
"name": "CWE-261: Weak Encoding for Password",
"description": "Obscuring a password with a trivial encoding does not protect the password."
},
{
"name": "CWE-262: Not Using Password Aging",
"description": "The product does not have a mechanism in place for managing password aging."
},
{
"name": "CWE-263: Password Aging with Long Expiration",
"description": "The product supports password aging, but the expiration period is too long."
},
{
"name": "CWE-266: Incorrect Privilege Assignment",
"description": "A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor."
},
{
"name": "CWE-267: Privilege Defined With Unsafe Actions",
"description": "A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity."
},
{
"name": "CWE-268: Privilege Chaining",
"description": "Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination."
},
{
"name": "CWE-269: Improper Privilege Management",
"description": "The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor."
},
{
"name": "CWE-270: Privilege Context Switching Error",
"description": "The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control."
},
{
"name": "CWE-271: Privilege Dropping / Lowering Errors",
"description": "The product does not drop privileges before passing control of a resource to an actor that does not have those privileges."
},
{
"name": "CWE-272: Least Privilege Violation",
"description": "The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed."
},
{
"name": "CWE-273: Improper Check for Dropped Privileges",
"description": "The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded."
},
{
"name": "CWE-274: Improper Handling of Insufficient Privileges",
"description": "The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses."
},
{
"name": "CWE-276: Incorrect Default Permissions",
"description": "During installation, installed file permissions are set to allow anyone to modify those files."
},
{
"name": "CWE-277: Insecure Inherited Permissions",
"description": "A product defines a set of insecure permissions that are inherited by objects that are created by the program."
},
{
"name": "CWE-278: Insecure Preserved Inherited Permissions",
"description": "A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement."
},
{
"name": "CWE-279: Incorrect Execution-Assigned Permissions",
"description": "While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user."
},
{
"name": "CWE-280: Improper Handling of Insufficient Permissions or Privileges ",
"description": "The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state."
},
{
"name": "CWE-281: Improper Preservation of Permissions",
"description": "The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended."
},
{
"name": "CWE-282: Improper Ownership Management",
"description": "The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource."
},
{
"name": "CWE-283: Unverified Ownership",
"description": "The product does not properly verify that a critical resource is owned by the proper entity."
},
{
"name": "CWE-284: Improper Access Control",
"description": "The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor."
},
{
"name": "CWE-285: Improper Authorization",
"description": "The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action."
},
{
"name": "CWE-286: Incorrect User Management",
"description": "The product does not properly manage a user within its environment."
},
{
"name": "CWE-287: Improper Authentication",
"description": "When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct."
},
{
"name": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
"description": "The product requires authentication, but the product has an alternate path or channel that does not require authentication."
},
{
"name": "CWE-289: Authentication Bypass by Alternate Name",
"description": "The product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor."
},
{
"name": "CWE-290: Authentication Bypass by Spoofing",
"description": "This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks."