ByteOS Network

CWE CATEGORY:SFP Secondary Cluster: Other Exposures

Category ID:966

Vulnerability Mapping:Prohibited

Status:Incomplete

Details Content History Observed CVE Examples Reports

▼Summary

This category identifies Software Fault Patterns (SFPs) within the Other Exposures cluster.

▼Membership

Nature	Mapping	Type	ID	Name
MemberOf	Prohibited	V	888	Software Fault Pattern (SFP) Clusters
HasMember	Allowed	V	453	Insecure Default Variable Initialization
HasMember	Allowed	B	487	Reliance on Package-level Scope
HasMember	Allowed	V	492	Use of Inner Class Containing Sensitive Data
HasMember	Allowed	V	525	Use of Web Browser Cache Containing Sensitive Information
HasMember	Allowed	V	614	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
HasMember	Allowed	V	651	Exposure of WSDL File Containing Sensitive Information

Nature: MemberOf

Mapping: Prohibited

Type: View

ID: 888

Name: Software Fault Pattern (SFP) Clusters

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 453

Name: Insecure Default Variable Initialization

Nature: HasMember

Mapping: Allowed

Type: Base

ID: 487

Name: Reliance on Package-level Scope

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 492

Name: Use of Inner Class Containing Sensitive Data

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 525

Name: Use of Web Browser Cache Containing Sensitive Information

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 614

Name: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Nature: HasMember

Mapping: Allowed

Type: Variant

ID: 651

Name: Exposure of WSDL File Containing Sensitive Information

▼Vulnerability Mapping Notes

Usage:Prohibited

Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.