Security Features |
Category ID: 254 (Category) | Status: Incomplete |
Description Summary
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.
Nature | Type | ID | Name | View(s) this relationship pertains to![]() |
---|---|---|---|---|
ChildOf | ![]() | 18 | Source Code | Development Concepts (primary)699 |
ParentOf | ![]() | 255 | Credentials Management | Development Concepts (primary)699 |
ParentOf | ![]() | 256 | Plaintext Storage of a Password | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 258 | Empty Password in Configuration File | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 259 | Use of Hard-coded Password | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 260 | Password in Configuration File | Development Concepts699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 261 | Weak Cryptography for Passwords | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 264 | Permissions, Privileges, and Access Controls | Development Concepts (primary)699 |
ParentOf | ![]() | 272 | Least Privilege Violation | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 285 | Improper Access Control (Authorization) | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 287 | Improper Authentication | Development Concepts (primary)699 |
ParentOf | ![]() | 295 | Certificate Issues | Development Concepts (primary)699 |
ParentOf | ![]() | 310 | Cryptographic Issues | Development Concepts (primary)699 |
ParentOf | ![]() | 330 | Use of Insufficiently Random Values | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 345 | Insufficient Verification of Data Authenticity | Development Concepts (primary)699 |
ParentOf | ![]() | 355 | User Interface Security Issues | Development Concepts (primary)699 |
ParentOf | ![]() | 358 | Improperly Implemented Security Check for Standard | Development Concepts (primary)699 |
ParentOf | ![]() | 359 | Privacy Violation | Development Concepts (primary)699 Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 565 | Reliance on Cookies without Validation and Integrity Checking | Development Concepts (primary)699 |
ParentOf | ![]() | 602 | Client-Side Enforcement of Server-Side Security | Development Concepts (primary)699 |
ParentOf | ![]() | 653 | Insufficient Compartmentalization | Development Concepts699 |
ParentOf | ![]() | 654 | Reliance on a Single Factor in a Security Decision | Development Concepts699 |
ParentOf | ![]() | 655 | Insufficient Psychological Acceptability | Development Concepts699 |
ParentOf | ![]() | 656 | Reliance on Security through Obscurity | Development Concepts699 |
ParentOf | ![]() | 693 | Protection Mechanism Failure | Development Concepts (primary)699 |
ParentOf | ![]() | 778 | Insufficient Logging | Development Concepts699 |
ParentOf | ![]() | 779 | Logging of Excessive Data | Development Concepts699 |
ParentOf | ![]() | 784 | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | Development Concepts699 |
ParentOf | ![]() | 798 | Use of Hard-coded Credentials | Seven Pernicious Kingdoms (primary)700 |
ParentOf | ![]() | 807 | Reliance on Untrusted Inputs in a Security Decision | Development Concepts (primary)699 |
MemberOf | ![]() | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary)700 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | Security Features |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
7 Pernicious Kingdoms | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings | ||||
2009-07-27 | CWE Content Team | MITRE | Internal | |
updated Relationships |