Insufficient Encapsulation
Weakness ID: 485 (Weakness Class) | Status: Draft
Description Summary
Extended Description
Encapsulation is about drawing strong boundaries. In a web browser that might mean ensuring that your mobile code cannot be abused by other mobile code. On the server it might mean differentiation between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
The "encapsulation" term is used in multiple ways. Within some security sources, the term is used to describe the establishment of boundaries between different control spheres. Within general computing circles, it is more about hiding implementation details and maintainability than security. Even within the security usage, there is also a question of whether "encapsulation" encompasses the entire range
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 18 | Source Code | Development Concepts (primary) 699 |
ChildOf | Weakness Class | 664 | Improper Control of a Resource Through its Lifetime | Research Concepts (primary) 1000 |
ParentOf | Weakness Class | 216 | Containment Errors (Container Errors) | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 486 | Comparison of Classes by Name | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts 1000 |
ParentOf | Weakness Variant | 487 | Reliance on Package-level Scope | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 488 | Data Leak Between Sessions | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 489 | Leftover Debug Code | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Category | 490 | Mobile Code Issues | Development Concepts 699; Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 491 | Public cloneable() Method Without Final ('Object Hijack') | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 492 | Use of Inner Class Containing Sensitive Data | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 493 | Critical Public Variable Without Final Modifier | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 495 | Private Array-Typed Field Returned From A Public Method | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 496 | Public Data Assigned to Private Array-Typed Field | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 497 | Exposure of System Data to an Unauthorized Control Sphere | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 498 | Information Leak through Class Cloning | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 499 | Serializable Class Containing Sensitive Data | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 501 | Trust Boundary Violation | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 502 | Deserialization of Untrusted Data | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 545 | Use of Dynamic Class Loading | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 580 | clone() Method Without super.clone() | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 594 | J2EE Framework: Saving Unserializable Objects to Disk | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 607 | Public Static Final Field References Mutable Object | Development Concepts (primary) 699 |
ParentOf | Weakness Base | 749 | Exposed Dangerous Method or Function | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 766 | Critical Variable Declared Public | Development Concepts (primary) 699; Research Concepts 1000 |
ParentOf | Weakness Variant | 767 | Access to Critical Private Variable via Public Method | Development Concepts (primary) 699; Research Concepts 1000 |
MemberOf | View | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary) 700 |
This node has to be considered in relation to CWE-732 and CWE-269.
See terminology notes on the multiple uses of the "encapsulation" term.
Submissions

Submission Date | Submitter | Organization | Source |
---|---|---|---|
 | 7 Pernicious Kingdoms | | Externally Mined |

Modifications

Modification Date | Modifier | Organization | Source |
---|---|---|---|
2008-07-01 | Eric Dalci | Cigital | External |
updated Potential Mitigations, Time of Introduction ||||
2008-09-08 | CWE Content Team | MITRE | Internal |
updated Description, Maintenance Notes, Relationships, Taxonomy Mappings, Terminology Notes ||||
2008-11-24 | CWE Content Team | MITRE | Internal |
updated Relationships ||||
2009-05-27 | CWE Content Team | MITRE | Internal |
updated Relationships ||||

Previous Entry Names

Change Date | Previous Entry Name |
---|---|
2008-04-11 | Encapsulation |