2009 Top 25 - Porous Defenses
Category ID: 753 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are listed in the "Porous Defenses" section of the 2009 CWE/SANS Top 25 Programming Errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class250Execution with Unnecessary Privileges
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base259Use of Hard-coded Password
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class285Improper Access Control (Authorization)
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base327Use of a Broken or Risky Cryptographic Algorithm
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class330Use of Insufficiently Random Values
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base602Client-Side Enforcement of Server-Side Security
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
ParentOfWeakness BaseWeakness Base798Use of Hard-coded Credentials
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
MemberOfViewView750Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors
Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)750
+ References
"2009 CWE/SANS Top 25 Programming Errors". 2009-01-12. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2009-01-12Internal CWE Team
Back to top