This view outlines the SMM representation of the Automated Source Code Data Protection Measurement specifications, as identified by the Consortium for Information & Software Quality (CISQ) Working Group.
The following graph shows the tree-like relationships between weaknesses that exist at different levels of abstraction. At the highest level, categories and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are special CWE entries used to group weaknesses that share a common characteristic. Pillars are weaknesses that are described in the most abstract fashion. Below these top-level entries are weaknesses are varying levels of abstraction. Classes are still very abstract, typically independent of any specific language or technology. Base level weaknesses are used to present a more specific type of weakness. A variant is a weakness that is described at a very low level of detail, typically limited to a specific language or technology. A chain is a set of weaknesses that must be reachable consecutively in order to produce an exploitable vulnerability. While a composite is a set of weaknesses that must all be present simultaneously in order to produce an exploitable vulnerability. Show Details:
1340 - CISQ Data Protection Measures
Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Restriction of Operations within the Bounds of a Memory Buffer - (119) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Buffer Overflowbuffer overrunmemory safety Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - (120) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')) The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.Classic Buffer OverflowUnbounded Transfer Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Write-what-where Condition - (123) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 123 (Write-what-where Condition) Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Out-of-bounds Read - (125) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 125 (Out-of-bounds Read) The product reads data past the end, or before the beginning, of the intended buffer.OOB read Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Handling of Length Parameter Inconsistency - (130) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 130 (Improper Handling of Length Parameter Inconsistency) The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.length manipulationlength tampering Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Access of Memory Location Before Start of Buffer - (786) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 786 (Access of Memory Location Before Start of Buffer) The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Out-of-bounds Write - (787) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 787 (Out-of-bounds Write) The product writes data past the end, or before the beginning, of the intended buffer.Memory Corruption Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Access of Memory Location After End of Buffer - (788) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 788 (Access of Memory Location After End of Buffer) The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Buffer Access with Incorrect Length Value - (805) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 805 (Buffer Access with Incorrect Length Value) The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Untrusted Pointer Dereference - (822) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 822 (Untrusted Pointer Dereference) The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Use of Out-of-range Pointer Offset - (823) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 823 (Use of Out-of-range Pointer Offset) The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.Untrusted pointer offset Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Access of Uninitialized Pointer - (824) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 824 (Access of Uninitialized Pointer) The product accesses or uses a pointer that has not been initialized. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Expired Pointer Dereference - (825) 1340 (CISQ Data Protection Measures) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) > 825 (Expired Pointer Dereference) The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.Dangling pointer Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Operation on a Resource after Expiration or Release - (672) 1340 (CISQ Data Protection Measures) > 672 (Operation on a Resource after Expiration or Release) The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Double Free - (415) 1340 (CISQ Data Protection Measures) > 672 (Operation on a Resource after Expiration or Release) > 415 (Double Free) The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.Double-free Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Use After Free - (416) 1340 (CISQ Data Protection Measures) > 672 (Operation on a Resource after Expiration or Release) > 416 (Use After Free) The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Dangling pointerUAFUse-After-Free Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Initialization - (665) 1340 (CISQ Data Protection Measures) > 665 (Improper Initialization) The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Missing Initialization of a Variable - (456) 1340 (CISQ Data Protection Measures) > 665 (Improper Initialization) > 456 (Missing Initialization of a Variable) The product does not initialize critical variables, which causes the execution environment to use unexpected values. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Use of Uninitialized Variable - (457) 1340 (CISQ Data Protection Measures) > 665 (Improper Initialization) > 457 (Use of Uninitialized Variable) The code uses a variable that has not been initialized, leading to unpredictable or unintended results. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Resource Shutdown or Release - (404) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) The product does not release or incorrectly releases a resource before it is made available for re-use. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Free of Pointer not at Start of Buffer - (761) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) > 761 (Free of Pointer not at Start of Buffer) The product calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the start of the buffer. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Mismatched Memory Management Routines - (762) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) > 762 (Mismatched Memory Management Routines) The product attempts to return a memory resource to the system, but it calls a release function that is not compatible with the function that was originally used to allocate that resource. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Release of Invalid Pointer or Reference - (763) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) > 763 (Release of Invalid Pointer or Reference) The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Missing Release of Resource after Effective Lifetime - (772) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) > 772 (Missing Release of Resource after Effective Lifetime) The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Missing Release of File Descriptor or Handle after Effective Lifetime - (775) 1340 (CISQ Data Protection Measures) > 404 (Improper Resource Shutdown or Release) > 775 (Missing Release of File Descriptor or Handle after Effective Lifetime) The product does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Restriction of XML External Entity Reference - (611) 1340 (CISQ Data Protection Measures) > 611 (Improper Restriction of XML External Entity Reference) The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.XXE Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Control of Resource Identifiers ('Resource Injection') - (99) 1340 (CISQ Data Protection Measures) > 99 (Improper Control of Resource Identifiers ('Resource Injection')) The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.Insecure Direct Object Reference Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Data within XQuery Expressions ('XQuery Injection') - (652) 1340 (CISQ Data Protection Measures) > 652 (Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')) The product uses external input to dynamically construct an XQuery expression used to retrieve data from an XML database, but it does not neutralize or incorrectly neutralizes that input. This allows an attacker to control the structure of the query. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Data within XPath Expressions ('XPath Injection') - (643) 1340 (CISQ Data Protection Measures) > 643 (Improper Neutralization of Data within XPath Expressions ('XPath Injection')) The product uses external input to dynamically construct an XPath expression used to retrieve data from an XML database, but it does not neutralize or incorrectly neutralizes that input. This allows an attacker to control the structure of the query. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') - (90) 1340 (CISQ Data Protection Measures) > 90 (Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')) The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - (89) 1340 (CISQ Data Protection Measures) > 89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.SQL injectionSQLi Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Neutralization of Special Elements used in a Command ('Command Injection') - (77) 1340 (CISQ Data Protection Measures) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.Command injection Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Executable Regular Expression Error - (624) 1340 (CISQ Data Protection Measures) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) > 624 (Executable Regular Expression Error) The product uses a regular expression that either (1) contains an executable component with user-controlled inputs, or (2) allows a user to enable execution by inserting pattern modifiers. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - (78) 1340 (CISQ Data Protection Measures) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) > 78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')) The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Shell injectionShell metacharactersOS Command Injection Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') - (88) 1340 (CISQ Data Protection Measures) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) > 88 (Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')) The product constructs a string for a command to be executed by a separate component
in another control sphere, but it does not properly delimit the
intended arguments, options, or switches within that command string. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') - (917) 1340 (CISQ Data Protection Measures) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')) > 917 (Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')) The product constructs all or part of an expression language (EL) statement in a framework such as a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed.EL Injection Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - (79) 1340 (CISQ Data Protection Measures) > 79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')) The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.XSSHTML InjectionCSS Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.XML Injection (aka Blind XPath Injection) - (91) 1340 (CISQ Data Protection Measures) > 91 (XML Injection (aka Blind XPath Injection)) The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Initialization with Hard-Coded Network Resource Configuration Data - (1051) 1340 (CISQ Data Protection Measures) > 1051 (Initialization with Hard-Coded Network Resource Configuration Data) The product initializes data using hard-coded values that act as network resource identifiers. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Protection of Alternate Path - (424) 1340 (CISQ Data Protection Measures) > 424 (Improper Protection of Alternate Path) The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Use of Hard-coded Credentials - (798) 1340 (CISQ Data Protection Measures) > 798 (Use of Hard-coded Credentials) The product contains hard-coded credentials, such as a password or cryptographic key. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Use of Hard-coded Password - (259) 1340 (CISQ Data Protection Measures) > 798 (Use of Hard-coded Credentials) > 259 (Use of Hard-coded Password) The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Use of Hard-coded Cryptographic Key - (321) 1340 (CISQ Data Protection Measures) > 798 (Use of Hard-coded Credentials) > 321 (Use of Hard-coded Cryptographic Key) The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Incorrect Conversion between Numeric Types - (681) 1340 (CISQ Data Protection Measures) > 681 (Incorrect Conversion between Numeric Types) When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Unexpected Sign Extension - (194) 1340 (CISQ Data Protection Measures) > 681 (Incorrect Conversion between Numeric Types) > 194 (Unexpected Sign Extension) The product performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Signed to Unsigned Conversion Error - (195) 1340 (CISQ Data Protection Measures) > 681 (Incorrect Conversion between Numeric Types) > 195 (Signed to Unsigned Conversion Error) The product uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Unsigned to Signed Conversion Error - (196) 1340 (CISQ Data Protection Measures) > 681 (Incorrect Conversion between Numeric Types) > 196 (Unsigned to Signed Conversion Error) The product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Numeric Truncation Error - (197) 1340 (CISQ Data Protection Measures) > 681 (Incorrect Conversion between Numeric Types) > 197 (Numeric Truncation Error) Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Synchronization - (662) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element - (1058) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 1058 (Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element) The code contains a function or method that
operates in a multi-threaded environment but owns an unsafe non-final
static storable or member data element. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Singleton Class Instance Creation without Proper Locking or Synchronization - (1096) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 1096 (Singleton Class Instance Creation without Proper Locking or Synchronization) The product implements a Singleton design pattern but does not use appropriate locking or other synchronization mechanism to ensure that the singleton class is only instantiated once. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Race Condition within a Thread - (366) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 366 (Race Condition within a Thread) If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Use of Singleton Pattern Without Synchronization in a Multithreaded Context - (543) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 543 (Use of Singleton Pattern Without Synchronization in a Multithreaded Context) The product uses the singleton pattern when creating a resource within a multithreaded environment. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Unsynchronized Access to Shared Data in a Multithreaded Context - (567) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 567 (Unsynchronized Access to Shared Data in a Multithreaded Context) The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Locking - (667) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 667 (Improper Locking) The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Multiple Locks of a Critical Resource - (764) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 764 (Multiple Locks of a Critical Resource) The product locks a critical resource more times than intended, leading to an unexpected state in the system. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Missing Synchronization - (820) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 820 (Missing Synchronization) The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Incorrect Synchronization - (821) 1340 (CISQ Data Protection Measures) > 662 (Improper Synchronization) > 821 (Incorrect Synchronization) The product utilizes a shared resource in a concurrent manner, but it does not correctly synchronize access to the resource. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Incorrect Type Conversion or Cast - (704) 1340 (CISQ Data Protection Measures) > 704 (Incorrect Type Conversion or Cast) The product does not correctly convert an object, resource, or structure from one type to a different type. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Return of Stack Variable Address - (562) 1340 (CISQ Data Protection Measures) > 562 (Return of Stack Variable Address) A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Null Termination - (170) 1340 (CISQ Data Protection Measures) > 170 (Improper Null Termination) The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. Variant - a weakness
that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.Improper Validation of Array Index - (129) 1340 (CISQ Data Protection Measures) > 129 (Improper Validation of Array Index) The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.out-of-bounds array indexindex-out-of-rangearray index underflow Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Use of Externally-Controlled Format String - (134) 1340 (CISQ Data Protection Measures) > 134 (Use of Externally-Controlled Format String) The product uses a function that accepts a format string as an argument, but the format string originates from an external source. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Unchecked Input for Loop Condition - (606) 1340 (CISQ Data Protection Measures) > 606 (Unchecked Input for Loop Condition) The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - (22) 1340 (CISQ Data Protection Measures) > 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')) The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Directory traversalPath traversal Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Relative Path Traversal - (23) 1340 (CISQ Data Protection Measures) > 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')) > 23 (Relative Path Traversal) The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.Zip Slip Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Absolute Path Traversal - (36) 1340 (CISQ Data Protection Measures) > 22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')) > 36 (Absolute Path Traversal) The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Unrestricted Upload of File with Dangerous Type - (434) 1340 (CISQ Data Protection Measures) > 434 (Unrestricted Upload of File with Dangerous Type) The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.Unrestricted File Upload Pillar - a weakness that is the most abstract type of weakness and represents a theme for all class/base/variant weaknesses related to it. A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.Improper Check or Handling of Exceptional Conditions - (703) 1340 (CISQ Data Protection Measures) > 703 (Improper Check or Handling of Exceptional Conditions) The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Uncaught Exception - (248) 1340 (CISQ Data Protection Measures) > 703 (Improper Check or Handling of Exceptional Conditions) > 248 (Uncaught Exception) An exception is thrown from a function, but it is not caught. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Unchecked Error Condition - (391) 1340 (CISQ Data Protection Measures) > 703 (Improper Check or Handling of Exceptional Conditions) > 391 (Unchecked Error Condition) [PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Missing Report of Error Condition - (392) 1340 (CISQ Data Protection Measures) > 703 (Improper Check or Handling of Exceptional Conditions) > 392 (Missing Report of Error Condition) The product encounters an error but does not provide a status code or return value to indicate that an error has occurred. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Use of Uninitialized Resource - (908) 1340 (CISQ Data Protection Measures) > 908 (Use of Uninitialized Resource) The product uses or accesses a resource that has not been initialized. Pillar - a weakness that is the most abstract type of weakness and represents a theme for all class/base/variant weaknesses related to it. A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.Incorrect Calculation - (682) 1340 (CISQ Data Protection Measures) > 682 (Incorrect Calculation) The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Incorrect Calculation of Buffer Size - (131) 1340 (CISQ Data Protection Measures) > 682 (Incorrect Calculation) > 131 (Incorrect Calculation of Buffer Size) The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Divide By Zero - (369) 1340 (CISQ Data Protection Measures) > 682 (Incorrect Calculation) > 369 (Divide By Zero) The product divides a value by zero. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Incorrect Permission Assignment for Critical Resource - (732) 1340 (CISQ Data Protection Measures) > 732 (Incorrect Permission Assignment for Critical Resource) The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Deserialization of Untrusted Data - (502) 1340 (CISQ Data Protection Measures) > 502 (Deserialization of Untrusted Data) The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.Marshaling, UnmarshalingPickling, UnpicklingPHP Object Injection Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Exposure of Sensitive Information Due to Incompatible Policies - (213) 1340 (CISQ Data Protection Measures) > 213 (Exposure of Sensitive Information Due to Incompatible Policies) The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sensitive according to the intended security policies of other stakeholders such as the product's administrator, users, or others whose information is being processed. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Improperly Controlled Modification of Dynamically-Determined Object Attributes - (915) 1340 (CISQ Data Protection Measures) > 915 (Improperly Controlled Modification of Dynamically-Determined Object Attributes) The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.Mass AssignmentAutoBindingPHP Object Injection Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Missing Encryption of Sensitive Data - (311) 1340 (CISQ Data Protection Measures) > 311 (Missing Encryption of Sensitive Data) The product does not encrypt sensitive or critical information before storage or transmission. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Exposure of Private Personal Information to an Unauthorized Actor - (359) 1340 (CISQ Data Protection Measures) > 359 (Exposure of Private Personal Information to an Unauthorized Actor) The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.Privacy violationPrivacy leakPrivacy leakage Pillar - a weakness that is the most abstract type of weakness and represents a theme for all class/base/variant weaknesses related to it. A Pillar is different from a Category as a Pillar is still technically a type of weakness that describes a mistake, while a Category represents a common characteristic used to group related things.Improper Access Control - (284) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Authorization Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Authorization - (285) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 285 (Improper Authorization) The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.AuthZ Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Improper Authentication - (287) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 287 (Improper Authentication) When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.authentificationAuthNAuthC Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Authentication Bypass Using an Alternate Path or Channel - (288) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 288 (Authentication Bypass Using an Alternate Path or Channel) A product requires authentication, but the product has an alternate path or channel that does not require authentication. Base - a weakness
that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.Authorization Bypass Through User-Controlled Key - (639) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 639 (Authorization Bypass Through User-Controlled Key) The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.Insecure Direct Object Reference / IDORBroken Object Level Authorization / BOLAHorizontal Authorization Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Missing Authorization - (862) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 862 (Missing Authorization) The product does not perform an authorization check when an actor attempts to access a resource or perform an action.AuthZ Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource.Incorrect Authorization - (863) 1340 (CISQ Data Protection Measures) > 284 (Improper Access Control) > 863 (Incorrect Authorization) The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.AuthZ
More information is available — Please edit the custom filter or select a different filter. |
Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2024, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation. |