Category: SFP Secondary Cluster: Tainted Input to Environment

Incomplete
Summary

This category identifies Software Fault Patterns (SFPs) within the Tainted Input to Environment cluster (SFP27).

Membership
| ID | Name | Description |
| --- | --- | --- |
| CWE-114 | Process Control | Process Control vulnerabilities occur when an application executes commands or loads libraries from an untrusted source or environment, allowing an attacker to run malicious code. |
| CWE-427 | Uncontrolled Search Path Element | This vulnerability occurs when an application searches for critical files like libraries or executables using a predefined list of directories, but one or more of those directories can be manipulated by an unauthorized user. |
| CWE-470 | Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') | This vulnerability occurs when an application uses unvalidated external input, like a URL parameter or form field, to dynamically decide which class to load or which method to execute via reflection. An attacker can manipulate this input to force the application to load unexpected, potentially malicious code. |
| CWE-471 | Modification of Assumed-Immutable Data (MAID) | This vulnerability occurs when an application fails to protect data it assumes cannot be changed, allowing an attacker to alter it. |
| CWE-472 | External Control of Assumed-Immutable Web Parameter | This vulnerability occurs when a web application incorrectly trusts data that appears to be fixed or hidden from the user, such as values in hidden form fields, cookies, or URL parameters. Because this data is actually controllable by the client, attackers can modify it to bypass security checks or corrupt application logic. |
| CWE-473 | PHP External Variable Modification | This vulnerability occurs when a PHP application fails to properly validate or sanitize variables that originate from outside the application, such as HTTP query strings, cookies, or POST data. Attackers can exploit this to inject unexpected values, altering the program's logic and security controls. |
| CWE-494 | Download of Code Without Integrity Check | This vulnerability occurs when an application fetches and runs code from an external source—like a remote server or CDN—without properly verifying where it came from or ensuring it hasn't been tampered with. |
| CWE-622 | Improper Validation of Function Hook Arguments | This vulnerability occurs when an application adds monitoring or interception hooks to critical functions, but fails to properly check the arguments passed to those hooks. This lack of validation can allow attackers to inject malicious data, leading to security bypasses or system compromise. |
| CWE-673 | External Influence of Sphere Definition | The application allows external parties to modify its security boundaries or trusted zones, which should be defined and controlled internally. |
| CWE-94 | Improper Control of Generation of Code ('Code Injection') | This vulnerability occurs when an application builds executable code using unvalidated external input, such as user data. Because the application fails to properly filter or escape this input, an attacker can inject special characters or commands that alter the intended code's logic or syntax. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.