The product does not drop privileges before passing control of a resource to an actor that does not have those privileges.
abstraction Class
status Incomplete
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
abstraction Base
status Incomplete
The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
abstraction Base
status Incomplete
The product does not handle or incorrectly handles when it has insufficient privileges to perform an operation, leading to resultant weaknesses.
abstraction Base
status Draft
During installation, installed file permissions are set to allow anyone to modify those files.
abstraction Base
status Draft
A product defines a set of insecure permissions that are inherited by objects that are created by the program.
abstraction Variant
status Draft
A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement.
abstraction Variant
status Incomplete
While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user.
abstraction Variant
status Draft
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
abstraction Base
status Draft
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
abstraction Base
status Draft
The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.
abstraction Class
status Draft
The product does not properly verify that a critical resource is owned by the proper entity.
abstraction Base
status Draft
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
abstraction Pillar
status Incomplete
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
abstraction Class
status Draft
The product does not properly manage a user within its environment.
abstraction Class
status Incomplete
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
abstraction Class
status Draft
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
abstraction Base
status Incomplete
The product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
abstraction Base
status Incomplete
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
abstraction Base
status Incomplete
The product uses an IP address for authentication.
abstraction Variant
status Incomplete
This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350.
abstraction Variant
status Deprecated
The referer field in HTTP requests can be easily modified and, as such, is not a valid means of message integrity checking.
abstraction Variant
status Draft
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).
abstraction Base
status Incomplete
The product does not validate, or incorrectly validates, a certificate.
abstraction Base
status Draft
The product does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate.
abstraction Base
status Draft
The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.
abstraction Variant
status Incomplete
A certificate expiration is not validated or is incorrectly validated.
abstraction Variant
status Draft
The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
abstraction Base
status Draft
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
abstraction Class
status Draft
Simple authentication protocols are subject to reflection attacks if a malicious user can use the target machine to impersonate a trusted user.
abstraction Base
status Draft
The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
abstraction Base
status Incomplete
The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.
abstraction Base
status Draft
The product implements an authentication technique, but it skips a step that weakens the technique.
abstraction Base
status Draft
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
abstraction Base
status Draft
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
abstraction Base
status Draft
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
abstraction Base
status Draft
The product uses an authentication algorithm that uses a single factor (e.g., a password) in a security context that should require more than one factor.
abstraction Base
status Draft
The use of password systems as the primary means of authentication may be subject to several flaws or shortcomings, each reducing the effectiveness of the mechanism.
abstraction Base
status Draft
The product does not encrypt sensitive or critical information before storage or transmission.
abstraction Class
status Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
abstraction Base
status Draft
The product stores sensitive information in cleartext in a file, or on disk.
abstraction Variant
status Draft
The product stores sensitive information in cleartext in the registry.
abstraction Variant
status Draft
The product stores sensitive information in cleartext in a cookie.
abstraction Variant
status Draft
The product stores sensitive information in cleartext in memory.
abstraction Variant
status Draft
The product stores sensitive information in cleartext within the GUI.
abstraction Variant
status Draft
The product stores sensitive information in cleartext in an executable.
abstraction Variant
status Draft
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
abstraction Base
status Draft
The product uses a hard-coded, unchangeable cryptographic key.
abstraction Variant
status Draft
The product performs a key exchange with an actor without verifying the identity of that actor.
abstraction Base
status Draft
Nonces should be used for the present occasion and only once.
abstraction Base
status Incomplete
The product uses a cryptographic key or password past its expiration date, which diminishes its safety significantly by increasing the timing window for cracking attacks against that key.
abstraction Base
status Draft
The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
abstraction Base
status Draft
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
abstraction Class
status Draft
The product uses a broken or risky cryptographic algorithm or protocol.
abstraction Class
status Draft
The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
abstraction Base
status Draft
The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key.
abstraction Variant
status Draft
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
abstraction Class
status Stable
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
abstraction Base
status Draft
The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.
abstraction Variant
status Draft
True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.
abstraction Variant
status Draft
The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.
abstraction Base
status Draft
The product uses a Pseudo-Random Number Generator (PRNG) but does not correctly manage seeds.
abstraction Base
status Draft
A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.
abstraction Variant
status Draft
A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
abstraction Variant
status Draft
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
abstraction Base
status Draft
A Pseudo-Random Number Generator (PRNG) uses a relatively small seed space, which makes it more susceptible to brute force attacks.
abstraction Variant
status Draft
The product uses a scheme that generates numbers or identifiers that are more predictable than required.
abstraction Class
status Incomplete
A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.
abstraction Base
status Draft
An exact value or random number can be precisely predicted by observing previous values.
abstraction Base
status Draft
The product's random number generator produces a series of values which, when observed, can be used to infer a relatively small range of possibilities for the next value that could be generated.
abstraction Base
status Draft
The product uses a constant value, name, or reference, but this value can (or should) vary across different environments.
abstraction Base
status Draft
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
abstraction Class
status Draft
The product does not properly verify that the source of data or communication is valid.
abstraction Class
status Draft
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
abstraction Base
status Draft
The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.
abstraction Base
status Draft
The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
abstraction Base
status Draft
The product performs reverse DNS resolution on an IP address to obtain the hostname and make a security decision, but it does not properly ensure that the IP address is truly associated with the hostname.
abstraction Variant
status Draft
The product does not properly distinguish between different types of elements in a way that leads to insecure behavior.
abstraction Base
status Draft
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
abstraction Compound
status Stable
The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.
abstraction Base
status Draft