Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE VIEW:Mobile (technology class) Weaknesses
ID:BOSS-306
Vulnerability Mapping:Prohibited
Type:Implicit
Status:Draft
DetailsContent HistoryObserved CVE ExamplesReports
▼Objective

This view categorizes and displays weaknesses by technology class Mobile.

▼Memberships
NatureMappingTypeIDName
HasMemberDiscouragedC200Exposure of Sensitive Information to an Unauthorized Actor
HasMemberAllowedB250Execution with Unnecessary Privileges
HasMemberAllowedB295Improper Certificate Validation
HasMemberAllowedV297Improper Validation of Certificate with Host Mismatch
HasMemberAllowedB312Cleartext Storage of Sensitive Information
HasMemberAllowedB319Cleartext Transmission of Sensitive Information
HasMemberAllowedB359Exposure of Private Personal Information to an Unauthorized Actor
HasMemberAllowed-with-ReviewC362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
HasMemberAllowedB511Logic/Time Bomb
HasMemberAllowed-with-ReviewC602Client-Side Enforcement of Server-Side Security
HasMemberAllowed-with-ReviewC672Operation on a Resource after Expiration or Release
HasMemberAllowedB772Missing Release of Resource after Effective Lifetime
HasMemberAllowedB798Use of Hard-coded Credentials
HasMemberAllowedB920Improper Restriction of Power Consumption
HasMemberAllowedB921Storage of Sensitive Data in a Mechanism without Access Control
HasMemberAllowedV925Improper Verification of Intent by Broadcast Receiver
HasMemberAllowedV926Improper Export of Android Application Components
HasMemberAllowedV927Use of Implicit Intent for Sensitive Communication
HasMemberAllowedB939Improper Authorization in Handler for Custom URL Scheme
HasMemberAllowedB940Improper Verification of Source of a Communication Channel
HasMemberAllowedB941Incorrectly Specified Destination in a Communication Channel
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 200
Name: Exposure of Sensitive Information to an Unauthorized Actor
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 250
Name: Execution with Unnecessary Privileges
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 295
Name: Improper Certificate Validation
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 297
Name: Improper Validation of Certificate with Host Mismatch
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 312
Name: Cleartext Storage of Sensitive Information
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 319
Name: Cleartext Transmission of Sensitive Information
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 359
Name: Exposure of Private Personal Information to an Unauthorized Actor
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 362
Name: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 511
Name: Logic/Time Bomb
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 602
Name: Client-Side Enforcement of Server-Side Security
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 672
Name: Operation on a Resource after Expiration or Release
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 772
Name: Missing Release of Resource after Effective Lifetime
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 798
Name: Use of Hard-coded Credentials
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 920
Name: Improper Restriction of Power Consumption
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 921
Name: Storage of Sensitive Data in a Mechanism without Access Control
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 925
Name: Improper Verification of Intent by Broadcast Receiver
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 926
Name: Improper Export of Android Application Components
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 927
Name: Use of Implicit Intent for Sensitive Communication
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 939
Name: Improper Authorization in Handler for Custom URL Scheme
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 940
Name: Improper Verification of Source of a Communication Channel
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 941
Name: Incorrectly Specified Destination in a Communication Channel
▼Vendors
Note: CVE records are now filtered based on the selected vendors.
Not available
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:View
Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.

▼Notes
▼Audience
StakeholderDescription
▼References
Expand AllCollapse All
BOSS-306 - Mobile (technology class) Weaknesses
Details not found