Weaknesses in this category are related to a software system's data integrity components. Frequently these deal with the ability to ensure the integrity of data, such as messages, resource files, deployment files, and configuration files. The weaknesses in this category could lead to a degradation of data integrity quality if they are not addressed.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 699 | Software Development |
| HasMember | Allowed | B | 322 | Key Exchange without Entity Authentication |
| HasMember | Allowed-with-Review | C | 346 | Origin Validation Error |
| HasMember | Allowed | B | 347 | Improper Verification of Cryptographic Signature |
| HasMember | Allowed | B | 348 | Use of Less Trusted Source |
| HasMember | Allowed | B | 349 | Acceptance of Extraneous Untrusted Data With Trusted Data |
| HasMember | Allowed | B | 351 | Insufficient Type Distinction |
| HasMember | Allowed | B | 353 | Missing Support for Integrity Check |
| HasMember | Allowed | B | 354 | Improper Validation of Integrity Check Value |
| HasMember | Allowed | B | 494 | Download of Code Without Integrity Check |
| HasMember | Allowed | B | 565 | Reliance on Cookies without Validation and Integrity Checking |
| HasMember | Allowed | B | 649 | Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking |
| HasMember | Allowed | B | 829 | Inclusion of Functionality from Untrusted Control Sphere |
| HasMember | Allowed | B | 924 | Improper Enforcement of Message Integrity During Transmission in a Communication Channel |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|