OWASP Top Ten 2004 Category A2 - Broken Access Control
Category ID: 723 (Category) | Status: Incomplete
Description Summary
Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2004.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ParentOf | Weakness Variant | 9 | J2EE Misconfiguration: Weak Access Permissions for EJB Methods | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Class | 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 41 | Improper Resolution of Path Equivalence | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Class | 73 | External Control of File Name or Path | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 266 | Incorrect Privilege Assignment | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 268 | Privilege Chaining | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Category | 275 | Permission Issues | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 283 | Unverified Ownership | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Class | 284 | Access Control (Authorization) Issues | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Class | 285 | Improper Access Control (Authorization) | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Class | 330 | Use of Insufficiently Random Values | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 425 | Direct Request ('Forced Browsing') | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Variant | 525 | Information Leak Through Browser Caching | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 551 | Incorrect Behavior Order: Authorization Before Parsing and Canonicalization | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Variant | 556 | ASP.NET Misconfiguration: Use of Identity Impersonation | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 639 | Access Control Bypass Through User-Controlled Key | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
ParentOf | Weakness Base | 708 | Incorrect Ownership Assignment | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
MemberOf | View | 711 | Weaknesses in OWASP Top Ten (2004) | Weaknesses in OWASP Top Ten (2004) (primary) 711 |
OWASP. "A2 Broken Access Control". 2007. <http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=70827>.