This category identifies Software Fault Patterns (SFPs) within the Tainted Input to Variable cluster (SFP25).

| ID | Name | Description |
|---|---|---|
| CWE-15 | External Control of System or Configuration Setting | This vulnerability occurs when an application allows users to directly modify critical system settings or configuration values from an external source. |
| CWE-20 | Improper Input Validation | This vulnerability occurs when an application accepts data from an external source but fails to properly verify that the data is safe and correctly formatted before using it. This missing or flawed validation check allows malicious or malformed inputs to disrupt the application's logic or security. |
| CWE-454 | External Initialization of Trusted Variables or Data Stores | This vulnerability occurs when an application sets up its critical internal variables or storage systems using data from untrusted, external sources that an attacker could control. |
| CWE-496 | Public Data Assigned to Private Array-Typed Field | This vulnerability occurs when a developer stores sensitive data in a private array, but then assigns a publicly accessible reference to that same array. This effectively makes all the private array's contents available to unauthorized code, bypassing intended access controls. |
| CWE-502 | Deserialization of Untrusted Data | This vulnerability occurs when an application accepts and processes serialized data from an untrusted source without proper validation, allowing an attacker to manipulate the data to execute malicious code or cause unexpected behavior. |
| CWE-566 | Authorization Bypass Through User-Controlled SQL Primary Key | This vulnerability occurs when an application allows a user to directly control the primary key value used in a SQL query, enabling them to access database records they are not authorized to view. |
| CWE-606 | Unchecked Input for Loop Condition | This vulnerability occurs when an application fails to properly validate or limit user-supplied values that control loop iterations. Without these checks, malicious input can force the program into an endless or excessively long loop, consuming system resources and leading to denial of service or application instability. |
| CWE-616 | Incomplete Identification of Uploaded File Variables (PHP) | This vulnerability occurs in PHP applications that rely on the deprecated, auto-registered global variables for file uploads (like `$varname`, `$varname_size`). Because these variables are not properly validated, an attacker can overwrite them to trick the application into processing malicious or unauthorized files. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |