Category: Comprehensive Categorization: Access Control
Incomplete
Summary
Weaknesses in this category are related to access control.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1004 | Sensitive Cookie Without 'HttpOnly' Flag | The product uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. |
| CWE-1021 | Improper Restriction of Rendered UI Layers or Frames | The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. |
| CWE-1022 | Use of Web Link to Untrusted Target with window.opener Access | The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site from modifying security-critical properties of the window.opener object, such as the location property. |
| CWE-1191 | On-Chip Debug and Test Interface With Improper Access Control | The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface. |
| CWE-1220 | Insufficient Granularity of Access Control | The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets. |
| CWE-1222 | Insufficient Granularity of Address Regions Protected by Register Locks | The product defines a large address region protected from modification by the same register lock control bit. This results in a conflict between the functional requirement that some addresses need to be writable by software during operation and the security requirement that the system configuration lock bit must be set during the boot process. |
| CWE-1224 | Improper Restriction of Write-Once Bit Fields | The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software. |
| CWE-1230 | Exposure of Sensitive Information Through Metadata | The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information. |
| CWE-1231 | Improper Prevention of Lock Bit Modification | The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set. |
| CWE-1233 | Security-Sensitive Hardware Controls with Missing Lock Bit Protection | The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration. |
| CWE-1242 | Inclusion of Undocumented Features or Chicken Bits | The device includes chicken bits or undocumented features that can create entry points for unauthorized actors. |
| CWE-1243 | Sensitive Non-Volatile Information Not Protected During Debug | Access to security-sensitive information stored in fuses is not limited during debug. |
| CWE-1244 | Internal Asset Exposed to Unsafe Debug Access Level or State | The product uses physical debug or test interfaces with support for multiple access levels, but it assigns the wrong debug access level to an internal asset, providing unintended access to the asset from untrusted debug agents. |
| CWE-1252 | CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations | The CPU is not configured to provide hardware support for exclusivity of write and execute operations on memory. This allows an attacker to execute data from all of memory. |
| CWE-1256 | Improper Restriction of Software Interfaces to Hardware Features | The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead to modification of hardware memory or register bits, or the ability to observe physical side channels. |
| CWE-1257 | Improper Access Control Applied to Mirrored or Aliased Memory Regions | Aliased or mirrored memory regions in hardware designs may have inconsistent read/write permissions enforced by the hardware. A possible result is that an untrusted agent is blocked from accessing a memory region but is not blocked from accessing the corresponding aliased memory region. |
| CWE-1259 | Improper Restriction of Security Token Assignment | The System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected. |
| CWE-1260 | Improper Handling of Overlap Between Protected Memory Ranges | The product allows address regions to overlap, which can result in the bypassing of intended memory protection. |
| CWE-1262 | Improper Access Control for Register Interface | The product uses memory-mapped I/O registers that act as an interface to hardware functionality from software, but there is improper access control to those registers. |
| CWE-1263 | Improper Physical Access Control | The product is designed with access restricted to certain information, but it does not sufficiently protect against an unauthorized actor with physical access to these areas. |
| CWE-1267 | Policy Uses Obsolete Encoding | The product uses an obsolete encoding mechanism to implement access controls. |
| CWE-1268 | Policy Privileges are not Assigned Consistently Between Control and Data Agents | The product's hardware-enforced access control for a particular resource improperly accounts for privilege discrepancies between control and write policies. |
| CWE-1270 | Generation of Incorrect Security Tokens | The product implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens generated in the system are incorrect. |
| CWE-1274 | Improper Access Control for Volatile Memory Containing Boot Code | The product conducts a secure-boot process that transfers bootloader code from Non-Volatile Memory (NVM) into Volatile Memory (VM), but it does not have sufficient access control or other protections for the Volatile Memory. |
| CWE-1275 | Sensitive Cookie with Improper SameSite Attribute | The SameSite attribute for sensitive cookies is not set, or an insecure value is used. |
| CWE-1276 | Hardware Child Block Incorrectly Connected to Parent System | Signals between a hardware IP and the parent system design are incorrectly connected causing security risks. |
| CWE-1283 | Mutable Attestation or Measurement Reporting Data | The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary. |
| CWE-1290 | Incorrect Decoding of Security Identifiers | The product implements a decoding mechanism to decode certain bus-transaction signals to security identifiers. If the decoding is implemented incorrectly, then untrusted agents can now gain unauthorized access to the asset. |
| CWE-1292 | Incorrect Conversion of Security Identifiers | The product implements a conversion mechanism to map certain bus-transaction signals to security identifiers. However, if the conversion is incorrectly implemented, untrusted agents can gain unauthorized access to the asset. |
| CWE-1294 | Insecure Security Identifier Mechanism | The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented. |
| CWE-1296 | Incorrect Chaining or Granularity of Debug Components | The product's debug components contain incorrect chaining or granularity of debug components. |
| CWE-1297 | Unprotected Confidential Information on Device is Accessible by OSAT Vendors | The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors. |
| CWE-1299 | Missing Protection Mechanism for Alternate Hardware Interface | The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path. |
| CWE-13 | ASP.NET Misconfiguration: Password in Configuration File | Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers. |
| CWE-1302 | Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC) | The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction is sent without a security identifier. |
| CWE-1304 | Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation | The product performs a power save/restore operation, but it does not ensure that the integrity of the configuration state is maintained and/or verified between the beginning and ending of the operation. |
| CWE-1311 | Improper Translation of Security Attributes by Fabric Bridge | The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another. |
| CWE-1312 | Missing Protection for Mirrored Regions in On-Chip Fabric Firewall | The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions. |
| CWE-1313 | Hardware Allows Activation of Test or Debug Logic at Runtime | During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary. |
| CWE-1314 | Missing Write Protection for Parametric Data Values | The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and potentially damage hardware or cause operational failure. |
| CWE-1315 | Improper Setting of Bus Controlling Capability in Fabric End-point | The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric. |
| CWE-1316 | Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges | The address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion of the protected region. |
| CWE-1317 | Improper Access Control in Fabric Bridge | The product uses a fabric bridge for transactions between two Intellectual Property (IP) blocks, but the bridge does not properly perform the expected privilege, identity, or other access control checks between those IP blocks. |
| CWE-1320 | Improper Protection for Outbound Error Messages and Alert Signals | Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts. |
| CWE-1323 | Improper Management of Sensitive Trace Data | Trace data collected from several sources on the System-on-Chip (SoC) is stored in unprotected locations or transported to untrusted agents. |
| CWE-1328 | Security Version Number Mutable to Older Versions | Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions. |
| CWE-1334 | Unauthorized Error Injection Can Degrade Hardware Redundancy | An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode. |
| CWE-1390 | Weak Authentication | The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct. |
| CWE-1391 | Use of Weak Credentials | The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. |
| CWE-1392 | Use of Default Credentials | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality. |
| CWE-1393 | Use of Default Password | The product uses default passwords for potentially critical functionality. |
| CWE-1394 | Use of Default Cryptographic Key | The product uses a default cryptographic key for potentially critical functionality. |
| CWE-202 | Exposure of Sensitive Information Through Data Queries | When trying to keep information confidential, an attacker can often infer some of the information by using statistics. |
| CWE-256 | Plaintext Storage of a Password | The product stores a password in plaintext within resources such as memory or files. |
| CWE-257 | Storing Passwords in a Recoverable Format | The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts. |
| CWE-258 | Empty Password in Configuration File | Using an empty string as a password is insecure. |
| CWE-259 | Use of Hard-coded Password | The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components. |
| CWE-260 | Password in Configuration File | The product stores a password in a configuration file that might be accessible to actors who do not know the password. |
| CWE-261 | Weak Encoding for Password | Obscuring a password with a trivial encoding does not protect the password. |
| CWE-262 | Not Using Password Aging | The product does not have a mechanism in place for managing password aging. |
| CWE-263 | Password Aging with Long Expiration | The product supports password aging, but the expiration period is too long. |
| CWE-266 | Incorrect Privilege Assignment | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-267 | Privilege Defined With Unsafe Actions | A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity. |
| CWE-268 | Privilege Chaining | Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination. |
| CWE-269 | Improper Privilege Management | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
| CWE-270 | Privilege Context Switching Error | The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control. |
| CWE-271 | Privilege Dropping / Lowering Errors | The product does not drop privileges before passing control of a resource to an actor that does not have those privileges. |
| CWE-272 | Least Privilege Violation | The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed. |
| CWE-273 | Improper Check for Dropped Privileges | The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded. |
| CWE-274 | Improper Handling of Insufficient Privileges | The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses. |
| CWE-276 | Incorrect Default Permissions | During installation, installed file permissions are set to allow anyone to modify those files. |
| CWE-277 | Insecure Inherited Permissions | A product defines a set of insecure permissions that are inherited by objects that are created by the program. |
| CWE-278 | Insecure Preserved Inherited Permissions | A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement. |
| CWE-279 | Incorrect Execution-Assigned Permissions | While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user. |
| CWE-280 | Improper Handling of Insufficient Permissions or Privileges | The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state. |
| CWE-281 | Improper Preservation of Permissions | The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended. |
| CWE-282 | Improper Ownership Management | The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource. |
| CWE-283 | Unverified Ownership | The product does not properly verify that a critical resource is owned by the proper entity. |
| CWE-284 | Improper Access Control | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-285 | Improper Authorization | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-286 | Incorrect User Management | The product does not properly manage a user within its environment. |
| CWE-287 | Improper Authentication | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
| CWE-288 | Authentication Bypass Using an Alternate Path or Channel | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
| CWE-289 | Authentication Bypass by Alternate Name | The product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor. |
| CWE-290 | Authentication Bypass by Spoofing | This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. |
| CWE-291 | Reliance on IP Address for Authentication | The product uses an IP address for authentication. |
| CWE-293 | Using Referer Field for Authentication | The referer field in HTTP requests can be easily modified and, as such, is not a valid means of message integrity checking. |
| CWE-294 | Authentication Bypass by Capture-replay | A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). |
| CWE-295 | Improper Certificate Validation | The product does not validate, or incorrectly validates, a certificate. |
| CWE-296 | Improper Following of a Certificate's Chain of Trust | The product does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate, resulting in incorrect trust of any resource that is associated with that certificate. |
| CWE-297 | Improper Validation of Certificate with Host Mismatch | The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host. |
| CWE-298 | Improper Validation of Certificate Expiration | A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age. |
| CWE-299 | Improper Check for Certificate Revocation | The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised. |
| CWE-300 | Channel Accessible by Non-Endpoint | The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. |
| CWE-301 | Reflection Attack in an Authentication Protocol | Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user. |
| CWE-302 | Authentication Bypass by Assumed-Immutable Data | The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker. |
| CWE-303 | Incorrect Implementation of Authentication Algorithm | The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect. |
| CWE-304 | Missing Critical Step in Authentication | The product implements an authentication technique, but it skips a step that weakens the technique. |
| CWE-305 | Authentication Bypass by Primary Weakness | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |
| CWE-306 | Missing Authentication for Critical Function | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
| CWE-307 | Improper Restriction of Excessive Authentication Attempts | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
| CWE-308 | Use of Single-factor Authentication | The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. |
| CWE-309 | Use of Password System for Primary Authentication | The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism. |
| CWE-321 | Use of Hard-coded Cryptographic Key | The product uses a hard-coded, unchangeable cryptographic key. |
| CWE-322 | Key Exchange without Entity Authentication | The product performs a key exchange with an actor without verifying the identity of that actor. |
| CWE-350 | Reliance on Reverse DNS Resolution for a Security-Critical Action | The product performs reverse DNS resolution on an IP address to obtain the hostname and make a security decision, but it does not properly ensure that the IP address is truly associated with the hostname. |
| CWE-370 | Missing Check for Certificate Revocation after Initial Check | The product does not check the revocation status of a certificate after its initial revocation check, which can cause the product to perform privileged actions even after the certificate is revoked at a later time. |
| CWE-384 | Session Fixation | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
| CWE-419 | Unprotected Primary Channel | The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel. |
| CWE-420 | Unprotected Alternate Channel | The product protects a primary channel, but it does not use the same level of protection for an alternate channel. |
| CWE-421 | Race Condition During Access to Alternate Channel | The product opens an alternate channel to communicate with an authorized user, but the channel is accessible to other actors. |
| CWE-422 | Unprotected Windows Messaging Channel ('Shatter') | The product does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate channel through which an attacker can directly send a message to the product. |
| CWE-425 | Direct Request ('Forced Browsing') | The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files. |
| CWE-441 | Unintended Proxy or Intermediary ('Confused Deputy') | The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor. |
| CWE-520 | .NET Misconfiguration: Use of Impersonation | Allowing a .NET application to run at potentially escalated levels of access to the underlying operating and file systems can be dangerous and result in various forms of attacks. |
| CWE-521 | Weak Password Requirements | The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts. |
| CWE-522 | Insufficiently Protected Credentials | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
| CWE-523 | Unprotected Transport of Credentials | Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server. |
| CWE-549 | Missing Password Field Masking | The product does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords. |
| CWE-551 | Incorrect Behavior Order: Authorization Before Parsing and Canonicalization | If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection. |
| CWE-555 | J2EE Misconfiguration: Plaintext Password in Configuration File | The J2EE application stores a plaintext password in a configuration file. |
| CWE-556 | ASP.NET Misconfiguration: Use of Identity Impersonation | Configuring an ASP.NET application to run with impersonated credentials may give the application unnecessary privileges. |
| CWE-566 | Authorization Bypass Through User-Controlled SQL Primary Key | The product uses a database table that includes records that should not be accessible to an actor, but it executes a SQL statement with a primary key that can be controlled by that actor. |
| CWE-593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created | The product modifies the SSL context after connection creation has begun. |
| CWE-599 | Missing Validation of OpenSSL Certificate | The product uses OpenSSL and trusts or uses a certificate without using the SSL_get_verify_result() function to ensure that the certificate satisfies all necessary security requirements. |
| CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
| CWE-603 | Use of Client-Side Authentication | A client/server product performs authentication within client code but not in server code, allowing server-side authentication to be bypassed via a modified client that omits the authentication check. |
| CWE-611 | Improper Restriction of XML External Entity Reference | The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. |
| CWE-612 | Improper Authorization of Index Containing Sensitive Information | The product creates a search index of private or sensitive documents, but it does not properly limit index access to actors who are authorized to see the original information. |
| CWE-613 | Insufficient Session Expiration | According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." |
| CWE-620 | Unverified Password Change | When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication. |
| CWE-623 | Unsafe ActiveX Control Marked Safe For Scripting | An ActiveX control is intended for restricted use, but it has been marked as safe-for-scripting. |
| CWE-639 | Authorization Bypass Through User-Controlled Key | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
| CWE-640 | Weak Password Recovery Mechanism for Forgotten Password | The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. |
| CWE-645 | Overly Restrictive Account Lockout Mechanism | The product contains an account lockout protection mechanism, but the mechanism is too restrictive and can be triggered too easily, which allows attackers to deny service to legitimate users by causing their accounts to be locked out. |
| CWE-647 | Use of Non-Canonical URL Paths for Authorization Decisions | The product defines policy namespaces and makes authorization decisions based on the assumption that a URL is canonical. This can allow a non-canonical URL to bypass the authorization. |
| CWE-648 | Incorrect Use of Privileged APIs | The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly. |
| CWE-708 | Incorrect Ownership Assignment | The product assigns an owner to a resource, but the owner is outside of the intended control sphere. |
| CWE-732 | Incorrect Permission Assignment for Critical Resource | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
| CWE-798 | Use of Hard-coded Credentials | The product contains hard-coded credentials, such as a password or cryptographic key. |
| CWE-804 | Guessable CAPTCHA | The product uses a CAPTCHA challenge, but the challenge can be guessed or automatically recognized by a non-human actor. |
| CWE-836 | Use of Password Hash Instead of Password for Authentication | The product records password hashes in a data store, receives a hash of a password from a client, and compares the supplied hash to the hash obtained from the data store. |
| CWE-842 | Placement of User into Incorrect Group | The product or the administrator places a user into an incorrect group. |
| CWE-862 | Missing Authorization | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-863 | Incorrect Authorization | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
| CWE-9 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the product. |
| CWE-918 | Server-Side Request Forgery (SSRF) | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
| CWE-921 | Storage of Sensitive Data in a Mechanism without Access Control | The product stores sensitive information in a file system or device that does not have built-in access control. |
| CWE-923 | Improper Restriction of Communication Channel to Intended Endpoints | The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint. |
| CWE-925 | Improper Verification of Intent by Broadcast Receiver | The Android application uses a Broadcast Receiver that receives an Intent but does not properly verify that the Intent came from an authorized source. |
| CWE-926 | Improper Export of Android Application Components | The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains. |
| CWE-927 | Use of Implicit Intent for Sensitive Communication | The Android application uses an implicit intent for transmitting sensitive data to other applications. |
| CWE-939 | Improper Authorization in Handler for Custom URL Scheme | The product uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme. |
| CWE-940 | Improper Verification of Source of a Communication Channel | The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin. |
| CWE-941 | Incorrectly Specified Destination in a Communication Channel | The product creates a communication channel to initiate an outgoing request to an actor, but it does not correctly specify the intended destination for that actor. |
| CWE-942 | Permissive Cross-domain Security Policy with Untrusted Domains | The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate. |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].
Comment:
See member weaknesses of this category.