Weaknesses in this category are listed in the "Porous Defenses" section of the 2009 CWE/SANS Top 25 Programming Errors.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 750 | Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors |
| HasMember | Allowed | B | 250 | Execution with Unnecessary Privileges |
| HasMember | Allowed | V | 259 | Use of Hard-coded Password |
| HasMember | Discouraged | C | 285 | Improper Authorization |
| HasMember | Allowed-with-Review | C | 327 | Use of a Broken or Risky Cryptographic Algorithm |
| HasMember | Discouraged | C | 330 | Use of Insufficiently Random Values |
| HasMember | Allowed-with-Review | C | 602 | Client-Side Enforcement of Server-Side Security |
| HasMember | Allowed-with-Review | C | 732 | Incorrect Permission Assignment for Critical Resource |
| HasMember | Allowed | B | 798 | Use of Hard-coded Credentials |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|