Security Features |
Category ID: 254 (Category) | Status: Incomplete |
Description Summary
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 18 | Source Code | Development Concepts (primary)699 |
ParentOf | Category | 255 | Credentials Management | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 256 | Plaintext Storage of a Password | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Variant | 258 | Empty Password in Configuration File | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 259 | Use of Hard-coded Password | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Variant | 260 | Password in Configuration File | Development Concepts699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Variant | 261 | Weak Cryptography for Passwords | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Category | 264 | Permissions, Privileges, and Access Controls | Development Concepts (primary)699 |
ParentOf | Weakness Base | 272 | Least Privilege Violation | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Class | 285 | Improper Access Control (Authorization) | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Class | 287 | Improper Authentication | Development Concepts (primary)699 |
ParentOf | Category | 295 | Certificate Issues | Development Concepts (primary)699 |
ParentOf | Category | 310 | Cryptographic Issues | Development Concepts (primary)699 |
ParentOf | Weakness Class | 330 | Use of Insufficiently Random Values | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Class | 345 | Insufficient Verification of Data Authenticity | Development Concepts (primary)699 |
ParentOf | Category | 355 | User Interface Security Issues | Development Concepts (primary)699 |
ParentOf | Weakness Base | 358 | Improperly Implemented Security Check for Standard | Development Concepts (primary)699 |
ParentOf | Weakness Class | 359 | Privacy Violation | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 565 | Reliance on Cookies without Validation and Integrity Checking | Development Concepts (primary)699 |
ParentOf | Weakness Base | 602 | Client-Side Enforcement of Server-Side Security | Development Concepts (primary)699 |
ParentOf | Weakness Base | 653 | Insufficient Compartmentalization | Development Concepts699 |
ParentOf | Weakness Base | 654 | Reliance on a Single Factor in a Security Decision | Development Concepts699 |
ParentOf | Weakness Base | 655 | Insufficient Psychological Acceptability | Development Concepts699 |
ParentOf | Weakness Base | 656 | Reliance on Security through Obscurity | Development Concepts699 |
ParentOf | Weakness Class | 693 | Protection Mechanism Failure | Development Concepts (primary)699 |
ParentOf | Weakness Base | 778 | Insufficient Logging | Development Concepts699 |
ParentOf | Weakness Base | 779 | Logging of Excessive Data | Development Concepts699 |
ParentOf | Weakness Variant | 784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | Development Concepts699 |
ParentOf | Weakness Base | 798 | Use of Hard-coded Credentials | Seven Pernicious Kingdoms (primary)700 |
ParentOf | Weakness Base | 807 | Reliance on Untrusted Inputs in a Security Decision | Development Concepts (primary)699 |
MemberOf | View | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary)700 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | Security Features |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
7 Pernicious Kingdoms | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings | ||||
2009-07-27 | CWE Content Team | MITRE | Internal | |
updated Relationships |