Category: Comprehensive Categorization: Exposed Resource
Incomplete
Summary
Weaknesses in this category are related to exposed resource.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-114 | Process Control | Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker. |
| CWE-1282 | Assumed-Immutable Data is Stored in Writable Memory | Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed or updated in the field. |
| CWE-1327 | Binding to an Unrestricted IP Address | The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely. |
| CWE-15 | External Control of System or Configuration Setting | One or more system settings or configuration elements can be externally controlled by a user. |
| CWE-219 | Storage of File with Sensitive Data Under Web Root | The product stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties. |
| CWE-220 | Storage of File With Sensitive Data Under FTP Root | The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties. |
| CWE-374 | Passing Mutable Objects to an Untrusted Method | The product sends non-cloned mutable data as an argument to a method or function. |
| CWE-375 | Returning a Mutable Object to an Untrusted Caller | Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function. |
| CWE-377 | Insecure Temporary File | Creating and using insecure temporary files can leave application and system data vulnerable to attack. |
| CWE-378 | Creation of Temporary File With Insecure Permissions | Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack. |
| CWE-379 | Creation of Temporary File in Directory with Insecure Permissions | The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file. |
| CWE-402 | Transmission of Private Resources into a New Sphere ('Resource Leak') | The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product. |
| CWE-403 | Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') | A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors. |
| CWE-426 | Untrusted Search Path | The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. |
| CWE-427 | Uncontrolled Search Path Element | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
| CWE-428 | Unquoted Search Path or Element | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
| CWE-433 | Unparsed Raw Web Content Delivery | The product stores raw content or supporting code under the web document root with an extension that is not specifically handled by the server. |
| CWE-472 | External Control of Assumed-Immutable Web Parameter | The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields. |
| CWE-488 | Exposure of Data Element to Wrong Session | The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session. |
| CWE-491 | Public cloneable() Method Without Final ('Object Hijack') | A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state. |
| CWE-492 | Use of Inner Class Containing Sensitive Data | Inner classes are translated into classes that are accessible at package scope and may expose code that the programmer intended to keep private to attackers. |
| CWE-493 | Critical Public Variable Without Final Modifier | The product has a critical public variable that is not final, which allows the variable to be modified to contain unexpected values. |
| CWE-498 | Cloneable Class Containing Sensitive Information | The code contains a class with sensitive data, but the class is cloneable. The data can then be accessed by cloning the class. |
| CWE-499 | Serializable Class Containing Sensitive Data | The code contains a class with sensitive data, but the class does not explicitly deny serialization. The data can be accessed by serializing the class through another class. |
| CWE-500 | Public Static Field Not Marked Final | An object contains a public static field that is not marked final, which might allow it to be modified in unexpected ways. |
| CWE-524 | Use of Cache Containing Sensitive Information | The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere. |
| CWE-525 | Use of Web Browser Cache Containing Sensitive Information | The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached. |
| CWE-527 | Exposure of Version-Control Repository to an Unauthorized Control Sphere | The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors. |
| CWE-528 | Exposure of Core Dump File to an Unauthorized Control Sphere | The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors. |
| CWE-529 | Exposure of Access Control List Files to an Unauthorized Control Sphere | The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere. |
| CWE-530 | Exposure of Backup File to an Unauthorized Control Sphere | A backup file is stored in a directory or archive that is made accessible to unauthorized actors. |
| CWE-539 | Use of Persistent Cookies Containing Sensitive Information | The web application uses persistent cookies, but the cookies contain sensitive information. |
| CWE-552 | Files or Directories Accessible to External Parties | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
| CWE-553 | Command Shell in Externally Accessible Directory | A possible shell file exists in /cgi-bin/ or other accessible directories. This is extremely dangerous and can be used by an attacker to execute commands on the web server. |
| CWE-565 | Reliance on Cookies without Validation and Integrity Checking | The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user. |
| CWE-582 | Array Declared Public, Final, and Static | The product declares an array public, final, and static, which is not sufficient to prevent the array's contents from being modified. |
| CWE-583 | finalize() Method Declared Public | The product violates secure coding principles for mobile code by declaring a finalize() method public. |
| CWE-608 | Struts: Non-private Field in ActionForm Class | An ActionForm class contains a field that has not been declared private, which can be accessed without using a setter or getter. |
| CWE-619 | Dangling Database Cursor ('Cursor Injection') | If a database cursor is not closed properly, then it could become accessible to other users while retaining the same privileges that were originally assigned, leaving the cursor "dangling." |
| CWE-642 | External Control of Critical State Data | The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors. |
| CWE-668 | Exposure of Resource to Wrong Sphere | The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
| CWE-73 | External Control of File Name or Path | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
| CWE-767 | Access to Critical Private Variable via Public Method | The product defines a public method that reads or modifies a private variable. |
| CWE-784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | The product uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is valid for the associated user. |
| CWE-8 | J2EE Misconfiguration: Entity Bean Declared Remote | When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to read sensitive information, or to change data in ways that violate the application's expectations, potentially leading to other vulnerabilities. |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].
Comment:
See member weaknesses of this category.