Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
:
Weakness ID:
Version:
Weakness Name:
Vulnerability Mapping:
Abstraction:
Structure:
Status:
Likelihood of Exploit:
▼Description

▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view "Research Concepts - (1000)"
Nature: ChildOf
Mapping: Allowed-with-Review
Type: Class
ID: 943
Name: Improper Neutralization of Special Elements in Data Query Logic
Nature: ParentOf
Mapping: Allowed
Type: Variant
ID: 456
Name: Missing Initialization of a Variable
Nature: ParentOf
Mapping: Allowed
Type: Variant
ID: 564
Name: SQL Injection: Hibernate
▼Memberships
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 137
Name: Data Neutralization Issues
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 635
Name: Weaknesses Originally Used by NVD from 2008 to 2016
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 713
Name: OWASP Top Ten 2007 Category A2 - Injection Flaws
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 722
Name: OWASP Top Ten 2004 Category A1 - Unvalidated Input
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 727
Name: OWASP Top Ten 2004 Category A6 - Injection Flaws
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 751
Name: 2009 Top 25 - Insecure Interaction Between Components
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 801
Name: 2010 Top 25 - Insecure Interaction Between Components
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 810
Name: OWASP Top Ten 2010 Category A1 - Injection
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 864
Name: 2011 Top 25 - Insecure Interaction Between Components
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 884
Name: CWE Cross-section
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 929
Name: OWASP Top Ten 2013 Category A1 - Injection
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 990
Name: SFP Secondary Cluster: Tainted Input to Command
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1005
Name: 7PK - Input Validation and Representation
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1019
Name: Validate Inputs
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1027
Name: OWASP Top Ten 2017 Category A1 - Injection
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1131
Name: CISQ Quality Measures (2016) - Security
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1200
Name: Weaknesses in the 2019 CWE Top 25 Most Dangerous Software Errors
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1308
Name: CISQ Quality Measures - Security
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1337
Name: Weaknesses in the 2021 CWE Top 25 Most Dangerous Software Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1340
Name: CISQ Data Protection Measures
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1347
Name: OWASP Top Ten 2021 Category A03:2021 - Injection
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1350
Name: Weaknesses in the 2020 CWE Top 25 Most Dangerous Software Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1387
Name: Weaknesses in the 2022 CWE Top 25 Most Dangerous Software Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1409
Name: Comprehensive Categorization: Injection
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1425
Name: Weaknesses in the 2023 CWE Top 25 Most Dangerous Software Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1430
Name: Weaknesses in the 2024 CWE Top 25 Most Dangerous Software Weaknesses
▼Tags
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-240
Name: Weaknesses in Software Written in SQL
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-272
Name: Weaknesses in Database Server
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-274
Name: High likelihood of exploit
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-276
Name: Environment Hardening Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-278
Name: Libraries or Frameworks Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-279
Name: Input Validation Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-282
Name: Parameterization Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-284
Name: Output Encoding Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-285
Name: Firewall Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-287
Name: Enforcement by Conversion Strategy
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-294
Name: Not Language-Specific Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-311
Name: Execute Unauthorized Code or Commands (impact)
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-316
Name: Bypass Protection Mechanism (impact)
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-318
Name: Modify Application Data (impact)
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-328
Name: Read Application Data (impact)
Nature: MemberOf
Mapping: Prohibited
Type: BOSSView
ID: BOSS-332
Name: Gain Privileges or Assume Identity (impact)
▼Relevant To View
Relevant to the view "Seven Pernicious Kingdoms - (700)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1005
Name: 7PK - Input Validation and Representation
Relevant to the view "Architectural Concepts - (1008)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1019
Name: Validate Inputs
Relevant to the view "CISQ Quality Measures (2020) - (1305)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1308
Name: CISQ Quality Measures - Security
Relevant to the view "OWASP Top Ten (2021) - (1344)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1347
Name: OWASP Top Ten 2021 Category A03:2021 - Injection
Relevant to the view "Software Development - (699)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 137
Name: Data Neutralization Issues
Relevant to the view "Software Fault Pattern (SFP) Clusters - (888)"
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 990
Name: SFP Secondary Cluster: Tainted Input to Command
▼Background Detail

▼Common Consequences
Scope | Likelihood | Impact | Note
▼Potential Mitigations
▼Modes Of Introduction
▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
Reference | Description
▼Affected Resources
▼Functional Areas
▼Weakness Ordinalities
Ordinality | Description
▼Detection Methods
▼Vulnerability Mapping Notes
▼Notes
▼Taxonomy Mappings
Taxonomy Name | Entry ID | Fit | Entry Name
▼Related Attack Patterns
ID | Name
▼References
Details not found