Byte Open Security

(ByteOS Network)

Weakness ID:
Version:
Weakness Name:
Vulnerability Mapping:
Abstraction:
Structure:
Status:
Likelihood of Exploit:
▼Description

▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view "Research Concepts - (1000)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| CanPrecede | Allowed | Base | 471 | Modification of Assumed-Immutable Data (MAID) |
| CanPrecede | Allowed | Variant | 98 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') |
| ChildOf | Allowed-with-Review | Class | 862 | Missing Authorization |
| ChildOf | Allowed | Base | 288 | Authentication Bypass Using an Alternate Path or Channel |
| ChildOf | Allowed-with-Review | Class | 424 | Improper Protection of Alternate Path |
▼Memberships
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 417 | Communication Channel Errors |
| MemberOf | Prohibited | Category | 721 | OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access |
| MemberOf | Prohibited | Category | 722 | OWASP Top Ten 2004 Category A1 - Unvalidated Input |
| MemberOf | Prohibited | Category | 723 | OWASP Top Ten 2004 Category A2 - Broken Access Control |
| MemberOf | Prohibited | Category | 953 | SFP Secondary Cluster: Missing Endpoint Authentication |
| MemberOf | Prohibited | Category | 1011 | Authorize Actors |
| MemberOf | Prohibited | Category | 1031 | OWASP Top Ten 2017 Category A5 - Broken Access Control |
| MemberOf | Prohibited | Category | 1212 | Authorization Errors |
| MemberOf | Prohibited | Category | 1345 | OWASP Top Ten 2021 Category A01:2021 - Broken Access Control |
| MemberOf | Prohibited | Category | 1396 | Comprehensive Categorization: Access Control |
▼Tags
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | BOSSView | BOSS-294 | Not Language-Specific Weaknesses |
| MemberOf | Prohibited | BOSSView | BOSS-309 | Web Based (technology class) Weaknesses |
| MemberOf | Prohibited | BOSSView | BOSS-311 | Execute Unauthorized Code or Commands (impact) |
| MemberOf | Prohibited | BOSSView | BOSS-318 | Modify Application Data (impact) |
| MemberOf | Prohibited | BOSSView | BOSS-328 | Read Application Data (impact) |
| MemberOf | Prohibited | BOSSView | BOSS-332 | Gain Privileges or Assume Identity (impact) |
▼Relevant To View
Relevant to the view "Architectural Concepts - (1008)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 1011 | Authorize Actors |

Relevant to the view "Software Development - (699)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 1212 | Authorization Errors |

Relevant to the view "OWASP Top Ten (2021) - (1344)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 1345 | OWASP Top Ten 2021 Category A01:2021 - Broken Access Control |

Relevant to the view "Software Development - (699)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 417 | Communication Channel Errors |

Relevant to the view "Software Fault Pattern (SFP) Clusters - (888)"

| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | Category | 953 | SFP Secondary Cluster: Missing Endpoint Authentication |
▼Background Detail

▼Common Consequences
| Scope | Likelihood | Impact | Note |
▼Potential Mitigations
▼Modes Of Introduction
▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
| Reference | Description |
▼Affected Resources
▼Functional Areas
▼Weakness Ordinalities
| Ordinality | Description |
▼Detection Methods
▼Vulnerability Mapping Notes
▼Notes
▼Taxonomy Mappings
| Taxonomy Name | Entry ID | Fit | Entry Name |
▼Related Attack Patterns
| ID | Name |
▼References
Details not found