Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE VIEW:Firewall Strategy
ID:BOSS-285
Vulnerability Mapping:Prohibited
Type:Implicit
Status:Draft
DetailsContent HistoryObserved CVE ExamplesReports
▼Objective

This view (slice) displays Firewall strategy weaknesses.

▼Memberships
NatureMappingTypeIDName
HasMemberAllowedB1327Binding to an Unrestricted IP Address
HasMemberAllowedB22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
HasMemberAllowedB601URL Redirection to Untrusted Site ('Open Redirect')
HasMemberAllowedB78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
HasMemberAllowedB79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
HasMemberAllowedB829Inclusion of Functionality from Untrusted Control Sphere
HasMemberAllowedB89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
HasMemberAllowedV98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1327
Name: Binding to an Unrestricted IP Address
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 22
Name: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 601
Name: URL Redirection to Untrusted Site ('Open Redirect')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 78
Name: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 79
Name: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 829
Name: Inclusion of Functionality from Untrusted Control Sphere
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 89
Name: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 98
Name: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:View
Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.

▼Notes
▼Audience
StakeholderDescription
▼References
Expand AllCollapse All
BOSS-285 - Firewall Strategy
Details not found