CWE-183

Permissive List of Allowed Inputs

AI Translation Available

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.

Status

draft

Abstraction

base

Affected Platforms

Technical Details

AI Translation

Common Consequences

access control

Impacts

bypass protection mechanism

Detection Methods

automated static analysis

CWE-183

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Common Consequences

Impacts

Detection Methods

Potential Mitigations

CWE-183

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Common Consequences

Impacts

Detection Methods

Potential Mitigations

Iscriviti alla newsletter