Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:OWASP Top Ten 2021 Category A08:2021 - Software and Data Integrity Failures
Category ID:1354
Vulnerability Mapping:Prohibited
Status:Incomplete
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are related to the A08 category "Software and Data Integrity Failures" in the OWASP Top Ten 2021.

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV1344Weaknesses in OWASP Top Ten (2021)
HasMemberDiscouragedC345Insufficient Verification of Data Authenticity
HasMemberAllowedB353Missing Support for Integrity Check
HasMemberAllowed-with-ReviewB426Untrusted Search Path
HasMemberAllowedB494Download of Code Without Integrity Check
HasMemberAllowedB502Deserialization of Untrusted Data
HasMemberAllowedB565Reliance on Cookies without Validation and Integrity Checking
HasMemberAllowedV784Reliance on Cookies without Validation and Integrity Checking in a Security Decision
HasMemberAllowedB829Inclusion of Functionality from Untrusted Control Sphere
HasMemberAllowedV830Inclusion of Web Functionality from an Untrusted Source
HasMemberAllowedB915Improperly Controlled Modification of Dynamically-Determined Object Attributes
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1344
Name: Weaknesses in OWASP Top Ten (2021)
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 345
Name: Insufficient Verification of Data Authenticity
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 353
Name: Missing Support for Integrity Check
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 426
Name: Untrusted Search Path
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 494
Name: Download of Code Without Integrity Check
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 502
Name: Deserialization of Untrusted Data
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 565
Name: Reliance on Cookies without Validation and Integrity Checking
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 784
Name: Reliance on Cookies without Validation and Integrity Checking in a Security Decision
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 829
Name: Inclusion of Functionality from Untrusted Control Sphere
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 830
Name: Inclusion of Web Functionality from an Untrusted Source
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 915
Name: Improperly Controlled Modification of Dynamically-Determined Object Attributes
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼Notes
Maintenance

As of CWE 4.6, the relationships in this category were pulled directly from the CWE mappings cited in the 2021 OWASP Top Ten. The CWE Program will work with OWASP to improve these mappings, possibly requiring modifications to CWE itself.

N/A

▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
▼References
Reference ID: REF-1206
Title: OWASP Top 10:2021
Version: v4.15
Author:
Publication:
Publisher:OWASP
Edition:
URL:https://owasp.org/Top10/
URL Date:
Day:24
Month:09
Year:2021
Reference ID: REF-1214
Title: A08:2021 - Software and Data Integrity Failures
Version: v4.15
Author:
Publication:
Publisher:OWASP
Edition:
URL:https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/
URL Date:
Day:24
Month:09
Year:2021
Details not found