Category: Comprehensive Categorization: Exposed Resource
Incomplete
Summary
Weaknesses in this category are related to exposed resource.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-114 | Process Control | Process Control vulnerabilities occur when an application executes commands or loads libraries from an untrusted source or environment, allowing an attacker to run malicious code. |
| CWE-1282 | Assumed-Immutable Data is Stored in Writable Memory | This vulnerability occurs when data that should be permanent and unchangeable—like a bootloader, device IDs, or one-time configuration settings—is placed in memory that can be rewritten or updated after deployment. |
| CWE-1327 | Binding to an Unrestricted IP Address | This vulnerability occurs when software or a service is configured to bind to the IP address 0.0.0.0 (or :: in IPv6), which acts as a wildcard, accepting connections from any network interface on the host system. |
| CWE-15 | External Control of System or Configuration Setting | This vulnerability occurs when an application allows users to directly modify critical system settings or configuration values from an external source. |
| CWE-219 | Storage of File with Sensitive Data Under Web Root | This vulnerability occurs when an application saves sensitive files, such as configuration data or private keys, inside the web server's publicly accessible directory. Without proper access restrictions, attackers can directly request and download these files. |
| CWE-220 | Storage of File With Sensitive Data Under FTP Root | This vulnerability occurs when an application saves sensitive files, such as configuration or user data, within the directory served by an FTP server without proper access restrictions. This misconfiguration can allow unauthorized users to download these files directly. |
| CWE-374 | Passing Mutable Objects to an Untrusted Method | This vulnerability occurs when a function receives a direct reference to mutable data, such as an object or array, instead of a safe copy of that data. |
| CWE-375 | Returning a Mutable Object to an Untrusted Caller | This vulnerability occurs when a method directly returns a reference to its internal mutable data, allowing untrusted calling code to modify that data unexpectedly. |
| CWE-377 | Insecure Temporary File | This vulnerability occurs when an application creates temporary files with insecure permissions or in predictable locations, allowing attackers to read, modify, or delete sensitive data. |
| CWE-378 | Creation of Temporary File With Insecure Permissions | This vulnerability occurs when a program creates a temporary file but sets its file permissions too loosely, allowing other users or processes on the system to read, modify, or delete the file. |
| CWE-379 | Creation of Temporary File in Directory with Insecure Permissions | This vulnerability occurs when an application creates a temporary file in a directory that is too permissive, allowing unauthorized users or processes to see, access, or manipulate the file. |
| CWE-402 | Transmission of Private Resources into a New Sphere ('Resource Leak') | This vulnerability occurs when an application unintentionally exposes internal resources, like files, memory, or database connections, to unauthorized users or systems. Essentially, it's a type of resource leak where sensitive assets cross a security boundary. |
| CWE-403 | Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') | This vulnerability occurs when a parent process launches a child process without first closing sensitive file descriptors. The child process inherits these open handles, potentially gaining unauthorized access to files, sockets, or other resources it shouldn't be able to interact with. |
| CWE-426 | Untrusted Search Path | This vulnerability occurs when an application relies on an external search path, provided by a user or environment, to find and load critical resources like executables or libraries. Because the application does not fully control this path, an attacker can manipulate it to point to malicious files. |
| CWE-427 | Uncontrolled Search Path Element | This vulnerability occurs when an application searches for critical files like libraries or executables using a predefined list of directories, but one or more of those directories can be manipulated by an unauthorized user. |
| CWE-428 | Unquoted Search Path or Element | This vulnerability occurs when a program uses a file path or command that contains spaces and is not enclosed in quotes. The operating system may misinterpret where the executable file is located, potentially allowing an attacker to run a malicious program with higher privileges. |
| CWE-433 | Unparsed Raw Web Content Delivery | This vulnerability occurs when a web application stores unprocessed files—like configuration scripts or raw source code—in publicly accessible directories using file extensions the server doesn't recognize. |
| CWE-472 | External Control of Assumed-Immutable Web Parameter | This vulnerability occurs when a web application incorrectly trusts data that appears to be fixed or hidden from the user, such as values in hidden form fields, cookies, or URL parameters. Because this data is actually controllable by the client, attackers can modify it to bypass security checks or corrupt application logic. |
| CWE-488 | Exposure of Data Element to Wrong Session | This vulnerability occurs when an application fails to properly isolate data between different user sessions, allowing information from one user's session to leak into another's. |
| CWE-491 | Public cloneable() Method Without Final ('Object Hijack') | This vulnerability occurs when a class implements a public clone() method without declaring it final. This allows attackers to create copies of objects without invoking their constructors, potentially leaving the cloned object in an inconsistent or insecure state. |
| CWE-492 | Use of Inner Class Containing Sensitive Data | Using inner classes to handle sensitive data can unintentionally expose that data because of how Java compiles them. The compiler transforms inner classes into separate, package-visible classes, which can bypass the intended private access restrictions. |
| CWE-493 | Critical Public Variable Without Final Modifier | This vulnerability occurs when a security-sensitive variable is declared as public but not marked as final, allowing untrusted code to unexpectedly change its value after initialization. |
| CWE-498 | Cloneable Class Containing Sensitive Information | This vulnerability occurs when a class containing sensitive information, such as credentials or personal data, is made cloneable. Attackers can bypass normal initialization and access the sensitive data by creating a copy of the object. |
| CWE-499 | Serializable Class Containing Sensitive Data | This vulnerability occurs when a class containing sensitive information, such as credentials or personal data, is left serializable by default. Because the class does not explicitly prevent serialization, its internal data can be accessed and extracted by other parts of the application or external processes. |
| CWE-500 | Public Static Field Not Marked Final | This vulnerability occurs when a class exposes a public static field without declaring it as final, allowing unintended modification from anywhere in the application. |
| CWE-524 | Use of Cache Containing Sensitive Information | This vulnerability occurs when an application stores sensitive data in a cache that is accessible to unauthorized users or external systems. |
| CWE-525 | Use of Web Browser Cache Containing Sensitive Information | This vulnerability occurs when a web application fails to implement secure caching directives, allowing sensitive user data or pages to be stored in the browser's cache where unauthorized parties could retrieve them. |
| CWE-527 | Exposure of Version-Control Repository to an Unauthorized Control Sphere | This vulnerability occurs when a version control repository, like Git or SVN, is accidentally placed in a location accessible to unauthorized users, such as a web server directory or a public archive. |
| CWE-528 | Exposure of Core Dump File to an Unauthorized Control Sphere | This vulnerability occurs when an application creates a core dump file (a snapshot of memory at the time of a crash) and places it in a location accessible to unauthorized users or systems. |
| CWE-529 | Exposure of Access Control List Files to an Unauthorized Control Sphere | This vulnerability occurs when an application stores sensitive access control list (ACL) files in a location that is accessible to unauthorized users or systems. |
| CWE-530 | Exposure of Backup File to an Unauthorized Control Sphere | This vulnerability occurs when backup or temporary files are stored in locations that unauthorized users can access, such as web directories. |
| CWE-539 | Use of Persistent Cookies Containing Sensitive Information | This vulnerability occurs when a web application stores sensitive data, like authentication details or personal information, within persistent cookies that remain on a user's device. |
| CWE-552 | Files or Directories Accessible to External Parties | This vulnerability occurs when an application exposes files or directories to users who shouldn't have access to them. |
| CWE-553 | Command Shell in Externally Accessible Directory | This vulnerability occurs when a command shell script is placed in a web-accessible directory, such as /cgi-bin/. Attackers can directly request this file to execute arbitrary commands on the server, leading to full system compromise. |
| CWE-565 | Reliance on Cookies without Validation and Integrity Checking | This vulnerability occurs when an application uses cookies to make security decisions—like granting access or changing settings—but fails to verify that the cookie data is legitimate, unaltered, and belongs to the current user. |
| CWE-582 | Array Declared Public, Final, and Static | This vulnerability occurs when an array is declared as public, final, and static, which does not protect the data inside the array from being altered. |
| CWE-583 | finalize() Method Declared Public | This vulnerability occurs when a Java class declares its finalize() method as public, violating secure coding practices for mobile code. |
| CWE-608 | Struts: Non-private Field in ActionForm Class | This vulnerability occurs when an Apache Struts ActionForm class exposes a field without declaring it as private. This allows other parts of the application to directly read or modify the field's data, bypassing the intended setter and getter methods. |
| CWE-619 | Dangling Database Cursor ('Cursor Injection') | A dangling database cursor occurs when a database cursor is not properly closed, potentially allowing other users to access it while it retains its original, often elevated, privileges. |
| CWE-642 | External Control of Critical State Data | This vulnerability occurs when an application stores security-sensitive state data in locations that unauthorized users can access and modify. |
| CWE-668 | Exposure of Resource to Wrong Sphere | This vulnerability occurs when an application unintentionally makes a resource accessible to users or systems that should not have permission to use it. |
| CWE-73 | External Control of File Name or Path | This vulnerability occurs when an application uses unvalidated user input to construct file or directory paths for filesystem operations. |
| CWE-767 | Access to Critical Private Variable via Public Method | This vulnerability occurs when a class exposes a public method that directly accesses or alters a private variable. |
| CWE-784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | This vulnerability occurs when an application makes security decisions—like granting access or verifying identity—based solely on cookie data without first confirming the cookie's authenticity or integrity. |
| CWE-8 | J2EE Misconfiguration: Entity Bean Declared Remote | This vulnerability occurs when an Entity Bean in a J2EE application is incorrectly configured with a remote interface. This exposes data access methods to remote clients, allowing unauthorized users to potentially read sensitive information or manipulate data outside the application's intended security boundaries. |
| CWE-1400 | Comprehensive Categorization for Software Assurance Trends |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].
Comment:
See member weaknesses of this category.