Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools


CWE VIEW:Not OS-Specific(os class) Weaknesses
ID:BOSS-298
Vulnerability Mapping:Prohibited
Type:Implicit
Status:Draft
DetailsContent HistoryObserved CVE ExamplesReports
▼Objective

This view categorizes and displays weaknesses by operating system class Not OS-Specific.

▼Memberships
NatureMappingTypeIDName
HasMemberProhibitedC1059Insufficient Technical Documentation
HasMemberAllowedB1191On-Chip Debug and Test Interface With Improper Access Control
HasMemberAllowedB1209Failure to Disable Reserved Bits
HasMemberAllowedB1220Insufficient Granularity of Access Control
HasMemberAllowedV1222Insufficient Granularity of Address Regions Protected by Register Locks
HasMemberAllowed-with-ReviewC1229Creation of Emergent Resource
HasMemberAllowedB1230Exposure of Sensitive Information Through Metadata
HasMemberAllowedB1231Improper Prevention of Lock Bit Modification
HasMemberAllowedB1232Improper Lock Behavior After Power State Transition
HasMemberAllowedB1233Security-Sensitive Hardware Controls with Missing Lock Bit Protection
HasMemberAllowedB1234Hardware Internal or Debug Modes Allow Override of Locks
HasMemberAllowedB1235Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations
HasMemberAllowedB1236Improper Neutralization of Formula Elements in a CSV File
HasMemberAllowedV1239Improper Zeroization of Hardware Register
HasMemberAllowedB1240Use of a Cryptographic Primitive with a Risky Implementation
HasMemberAllowedB1242Inclusion of Undocumented Features or Chicken Bits
HasMemberAllowedB1243Sensitive Non-Volatile Information Not Protected During Debug
HasMemberAllowedB1244Internal Asset Exposed to Unsafe Debug Access Level or State
HasMemberAllowedB1245Improper Finite State Machines (FSMs) in Hardware Logic
HasMemberAllowedB1246Improper Write Handling in Limited-write Non-Volatile Memories
HasMemberAllowedB1247Improper Protection Against Voltage and Clock Glitches
HasMemberAllowedB1248Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
HasMemberAllowedB1249Application-Level Admin Tool with Inconsistent View of Underlying Operating System
HasMemberAllowedB1250Improper Preservation of Consistency Between Independent Representations of Shared State
HasMemberAllowedB1251Mirrored Regions with Different Values
HasMemberAllowedB1252CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
HasMemberAllowedB1253Incorrect Selection of Fuse Values
HasMemberAllowedB1254Incorrect Comparison Logic Granularity
HasMemberAllowedV1255Comparison Logic is Vulnerable to Power Side-Channel Attacks
HasMemberAllowedB1256Improper Restriction of Software Interfaces to Hardware Features
HasMemberAllowedB1257Improper Access Control Applied to Mirrored or Aliased Memory Regions
HasMemberAllowedB1258Exposure of Sensitive System Information Due to Uncleared Debug Information
HasMemberAllowedB1259Improper Restriction of Security Token Assignment
HasMemberAllowedB1260Improper Handling of Overlap Between Protected Memory Ranges
HasMemberAllowedB1261Improper Handling of Single Event Upsets
HasMemberAllowedB1262Improper Access Control for Register Interface
HasMemberAllowed-with-ReviewC1263Improper Physical Access Control
HasMemberAllowedB1264Hardware Logic with Insecure De-Synchronization between Control and Data Channels
HasMemberAllowedB1266Improper Scrubbing of Sensitive Data from Decommissioned Device
HasMemberAllowedB1267Policy Uses Obsolete Encoding
HasMemberAllowedB1268Policy Privileges are not Assigned Consistently Between Control and Data Agents
HasMemberAllowedB1269Product Released in Non-Release Configuration
HasMemberAllowedB1270Generation of Incorrect Security Tokens
HasMemberAllowedB1271Uninitialized Value on Reset for Registers Holding Security Settings
HasMemberAllowedB1272Sensitive Information Uncleared Before Debug/Power State Transition
HasMemberAllowedB1273Device Unlock Credential Sharing
HasMemberAllowedB1274Improper Access Control for Volatile Memory Containing Boot Code
HasMemberAllowedV1275Sensitive Cookie with Improper SameSite Attribute
HasMemberAllowedB1276Hardware Child Block Incorrectly Connected to Parent System
HasMemberAllowedB1277Firmware Not Updateable
HasMemberAllowedB1278Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
HasMemberAllowedB1279Cryptographic Operations are run Before Supporting Units are Ready
HasMemberAllowedB1280Access Control Check Implemented After Asset is Accessed
HasMemberAllowedB1281Sequence of Processor Instructions Leads to Unexpected Behavior
HasMemberAllowedB1282Assumed-Immutable Data is Stored in Writable Memory
HasMemberAllowedB1283Mutable Attestation or Measurement Reporting Data
HasMemberAllowedB1290Incorrect Decoding of Security Identifiers
HasMemberAllowedB1291Public Key Re-Use for Signing both Debug and Production Code
HasMemberAllowedB1292Incorrect Conversion of Security Identifiers
HasMemberAllowedB1293Missing Source Correlation of Multiple Independent Data
HasMemberAllowed-with-ReviewC1294Insecure Security Identifier Mechanism
HasMemberAllowedB1295Debug Messages Revealing Unnecessary Information
HasMemberAllowedB1296Incorrect Chaining or Granularity of Debug Components
HasMemberAllowedB1297Unprotected Confidential Information on Device is Accessible by OSAT Vendors
HasMemberAllowedB1299Missing Protection Mechanism for Alternate Hardware Interface
HasMemberAllowedB1300Improper Protection of Physical Side Channels
HasMemberAllowedB1301Insufficient or Incomplete Data Removal within Hardware Component
HasMemberAllowedB1302Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
HasMemberAllowedB1303Non-Transparent Sharing of Microarchitectural Resources
HasMemberAllowedB1304Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
HasMemberAllowedB1310Missing Ability to Patch ROM Code
HasMemberAllowedB1312Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
HasMemberAllowedB1313Hardware Allows Activation of Test or Debug Logic at Runtime
HasMemberAllowedB1314Missing Write Protection for Parametric Data Values
HasMemberAllowedB1315Improper Setting of Bus Controlling Capability in Fabric End-point
HasMemberAllowedB1316Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
HasMemberAllowedB1317Improper Access Control in Fabric Bridge
HasMemberAllowedB1318Missing Support for Security Features in On-chip Fabrics or Buses
HasMemberAllowedB1319Improper Protection against Electromagnetic Fault Injection (EM-FI)
HasMemberAllowedB1320Improper Protection for Outbound Error Messages and Alert Signals
HasMemberAllowedB1323Improper Management of Sensitive Trace Data
HasMemberAllowedB1326Missing Immutable Root of Trust in Hardware
HasMemberAllowedB1327Binding to an Unrestricted IP Address
HasMemberAllowedB1328Security Version Number Mutable to Older Versions
HasMemberAllowedB1329Reliance on Component That is Not Updateable
HasMemberAllowedV1330Remanent Data Readable after Memory Erase
HasMemberAllowedB1331Improper Isolation of Shared Resources in Network On Chip (NoC)
HasMemberAllowedB1332Improper Handling of Faults that Lead to Instruction Skips
HasMemberAllowedB1334Unauthorized Error Injection Can Degrade Hardware Redundancy
HasMemberAllowedB1335Incorrect Bitwise Shift of Integer
HasMemberAllowedB1336Improper Neutralization of Special Elements Used in a Template Engine
HasMemberAllowedB1338Improper Protections Against Hardware Overheating
HasMemberAllowedB1339Insufficient Precision or Accuracy of a Real Number
HasMemberAllowedB1341Multiple Releases of Same Resource or Handle
HasMemberAllowedB1342Information Exposure through Microarchitectural State after Transient Execution
HasMemberAllowedB1351Improper Handling of Hardware Behavior in Exceptionally Cold Environments
HasMemberAllowed-with-ReviewC1391Use of Weak Credentials
HasMemberAllowedB1392Use of Default Credentials
HasMemberAllowedB1393Use of Default Password
HasMemberAllowedB1394Use of Default Cryptographic Key
HasMemberAllowed-with-ReviewC1395Dependency on Vulnerable Third-Party Component
HasMemberAllowed-with-ReviewC1419Incorrect Initialization of Resource
HasMemberAllowed-with-ReviewB1420Exposure of Sensitive Information during Transient Execution
HasMemberAllowedB1421Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
HasMemberAllowedB1422Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
HasMemberAllowedB1423Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
HasMemberAllowedB1427Improper Neutralization of Input Used for LLM Prompting
HasMemberAllowedB1428Reliance on HTTP instead of HTTPS
HasMemberAllowed-with-ReviewC405Asymmetric Resource Consumption (Amplification)
HasMemberAllowed-with-ReviewB426Untrusted Search Path
HasMemberAllowed-with-ReviewB427Uncontrolled Search Path Element
HasMemberAllowed-with-ReviewC441Unintended Proxy or Intermediary ('Confused Deputy')
HasMemberDiscouragedP707Improper Neutralization
Nature: HasMember
Mapping: Prohibited
Type: Class
ID: 1059
Name: Insufficient Technical Documentation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1191
Name: On-Chip Debug and Test Interface With Improper Access Control
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1209
Name: Failure to Disable Reserved Bits
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1220
Name: Insufficient Granularity of Access Control
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1222
Name: Insufficient Granularity of Address Regions Protected by Register Locks
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1229
Name: Creation of Emergent Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1230
Name: Exposure of Sensitive Information Through Metadata
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1231
Name: Improper Prevention of Lock Bit Modification
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1232
Name: Improper Lock Behavior After Power State Transition
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1233
Name: Security-Sensitive Hardware Controls with Missing Lock Bit Protection
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1234
Name: Hardware Internal or Debug Modes Allow Override of Locks
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1235
Name: Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1236
Name: Improper Neutralization of Formula Elements in a CSV File
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1239
Name: Improper Zeroization of Hardware Register
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1240
Name: Use of a Cryptographic Primitive with a Risky Implementation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1242
Name: Inclusion of Undocumented Features or Chicken Bits
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1243
Name: Sensitive Non-Volatile Information Not Protected During Debug
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1244
Name: Internal Asset Exposed to Unsafe Debug Access Level or State
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1245
Name: Improper Finite State Machines (FSMs) in Hardware Logic
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1246
Name: Improper Write Handling in Limited-write Non-Volatile Memories
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1247
Name: Improper Protection Against Voltage and Clock Glitches
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1248
Name: Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1249
Name: Application-Level Admin Tool with Inconsistent View of Underlying Operating System
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1250
Name: Improper Preservation of Consistency Between Independent Representations of Shared State
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1251
Name: Mirrored Regions with Different Values
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1252
Name: CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1253
Name: Incorrect Selection of Fuse Values
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1254
Name: Incorrect Comparison Logic Granularity
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1255
Name: Comparison Logic is Vulnerable to Power Side-Channel Attacks
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1256
Name: Improper Restriction of Software Interfaces to Hardware Features
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1257
Name: Improper Access Control Applied to Mirrored or Aliased Memory Regions
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1258
Name: Exposure of Sensitive System Information Due to Uncleared Debug Information
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1259
Name: Improper Restriction of Security Token Assignment
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1260
Name: Improper Handling of Overlap Between Protected Memory Ranges
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1261
Name: Improper Handling of Single Event Upsets
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1262
Name: Improper Access Control for Register Interface
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1263
Name: Improper Physical Access Control
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1264
Name: Hardware Logic with Insecure De-Synchronization between Control and Data Channels
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1266
Name: Improper Scrubbing of Sensitive Data from Decommissioned Device
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1267
Name: Policy Uses Obsolete Encoding
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1268
Name: Policy Privileges are not Assigned Consistently Between Control and Data Agents
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1269
Name: Product Released in Non-Release Configuration
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1270
Name: Generation of Incorrect Security Tokens
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1271
Name: Uninitialized Value on Reset for Registers Holding Security Settings
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1272
Name: Sensitive Information Uncleared Before Debug/Power State Transition
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1273
Name: Device Unlock Credential Sharing
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1274
Name: Improper Access Control for Volatile Memory Containing Boot Code
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1275
Name: Sensitive Cookie with Improper SameSite Attribute
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1276
Name: Hardware Child Block Incorrectly Connected to Parent System
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1277
Name: Firmware Not Updateable
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1278
Name: Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1279
Name: Cryptographic Operations are run Before Supporting Units are Ready
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1280
Name: Access Control Check Implemented After Asset is Accessed
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1281
Name: Sequence of Processor Instructions Leads to Unexpected Behavior
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1282
Name: Assumed-Immutable Data is Stored in Writable Memory
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1283
Name: Mutable Attestation or Measurement Reporting Data
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1290
Name: Incorrect Decoding of Security Identifiers
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1291
Name: Public Key Re-Use for Signing both Debug and Production Code
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1292
Name: Incorrect Conversion of Security Identifiers
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1293
Name: Missing Source Correlation of Multiple Independent Data
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1294
Name: Insecure Security Identifier Mechanism
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1295
Name: Debug Messages Revealing Unnecessary Information
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1296
Name: Incorrect Chaining or Granularity of Debug Components
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1297
Name: Unprotected Confidential Information on Device is Accessible by OSAT Vendors
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1299
Name: Missing Protection Mechanism for Alternate Hardware Interface
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1300
Name: Improper Protection of Physical Side Channels
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1301
Name: Insufficient or Incomplete Data Removal within Hardware Component
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1302
Name: Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1303
Name: Non-Transparent Sharing of Microarchitectural Resources
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1304
Name: Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1310
Name: Missing Ability to Patch ROM Code
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1312
Name: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1313
Name: Hardware Allows Activation of Test or Debug Logic at Runtime
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1314
Name: Missing Write Protection for Parametric Data Values
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1315
Name: Improper Setting of Bus Controlling Capability in Fabric End-point
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1316
Name: Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1317
Name: Improper Access Control in Fabric Bridge
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1318
Name: Missing Support for Security Features in On-chip Fabrics or Buses
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1319
Name: Improper Protection against Electromagnetic Fault Injection (EM-FI)
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1320
Name: Improper Protection for Outbound Error Messages and Alert Signals
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1323
Name: Improper Management of Sensitive Trace Data
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1326
Name: Missing Immutable Root of Trust in Hardware
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1327
Name: Binding to an Unrestricted IP Address
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1328
Name: Security Version Number Mutable to Older Versions
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1329
Name: Reliance on Component That is Not Updateable
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1330
Name: Remanent Data Readable after Memory Erase
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1331
Name: Improper Isolation of Shared Resources in Network On Chip (NoC)
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1332
Name: Improper Handling of Faults that Lead to Instruction Skips
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1334
Name: Unauthorized Error Injection Can Degrade Hardware Redundancy
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1335
Name: Incorrect Bitwise Shift of Integer
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1336
Name: Improper Neutralization of Special Elements Used in a Template Engine
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1338
Name: Improper Protections Against Hardware Overheating
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1339
Name: Insufficient Precision or Accuracy of a Real Number
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1341
Name: Multiple Releases of Same Resource or Handle
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1342
Name: Information Exposure through Microarchitectural State after Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1351
Name: Improper Handling of Hardware Behavior in Exceptionally Cold Environments
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1391
Name: Use of Weak Credentials
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1392
Name: Use of Default Credentials
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1393
Name: Use of Default Password
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1394
Name: Use of Default Cryptographic Key
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1395
Name: Dependency on Vulnerable Third-Party Component
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1419
Name: Incorrect Initialization of Resource
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 1420
Name: Exposure of Sensitive Information during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1421
Name: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1422
Name: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1423
Name: Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1427
Name: Improper Neutralization of Input Used for LLM Prompting
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1428
Name: Reliance on HTTP instead of HTTPS
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 405
Name: Asymmetric Resource Consumption (Amplification)
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 426
Name: Untrusted Search Path
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 427
Name: Uncontrolled Search Path Element
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 441
Name: Unintended Proxy or Intermediary ('Confused Deputy')
Nature: HasMember
Mapping: Discouraged
Type: Pillar
ID: 707
Name: Improper Neutralization
▼Vendors
Note: CVE records are filtered based on below selected vendors.
Not available
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:View
Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comments:

Use this View or other Views to search and navigate for the appropriate weakness.

▼Notes
▼Audience
StakeholderDescription
▼References

Expand AllCollapse All

BOSS-298 - Not OS-Specific(os class) Weaknesses
Details not found