Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-99:Improper Control of Resource Identifiers ('Resource Injection')
Weakness ID:99
Version:v4.17
Weakness Name:Improper Control of Resource Identifiers ('Resource Injection')
Vulnerability Mapping:Allowed-with-Review
Abstraction:Class
Structure:Simple
Status:Draft
Likelihood of Exploit:High
DetailsContent HistoryObserved CVE ExamplesReports
▼Submissions
Submission DateRelease DateSubmitterOrganizationVersionComment
2006-07-192006-07-197 Pernicious KingdomsN/ADraft 3

N/A

Submission Date: 2006-07-19

Release Date: 2006-07-19

Submitter: 7 Pernicious Kingdoms

Organization: N/A

Version: Draft 3

Comment:

N/A

▼Modifications
Modification DateRelease DateModifierOrganizationVersionImportanceComment
2008-07-01N/AEric DalciCigitalN/AN/A

updated Time_of_Introduction

2008-08-01N/AN/AKDM AnalyticsN/AN/A

added/updated white box definitions

2008-09-08N/ACWE Content TeamMITREN/AN/A

updated Relationships, Other_Notes, Taxonomy_Mappings, Weakness_Ordinalities

2009-05-27N/ACWE Content TeamMITREN/AN/A

updated Description, Name

2009-07-17N/AKDM AnalyticsN/AN/AN/A

Improved the White_Box_Definition

2009-07-27N/ACWE Content TeamMITREN/AN/A

updated White_Box_Definitions

2011-06-01N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences, Other_Notes

2012-05-11N/ACWE Content TeamMITREN/AN/A

updated Common_Consequences, Relationships

2012-10-30N/ACWE Content TeamMITREN/AN/A

updated Potential_Mitigations

2013-02-21N/ACWE Content TeamMITREN/AN/A

updated Alternate_Terms, Maintenance_Notes, Other_Notes, Relationships

2013-07-17N/ACWE Content TeamMITREN/AN/A

updated Relationships

2014-06-23N/ACWE Content TeamMITREN/AN/A

updated Alternate_Terms, Description, Relationship_Notes, Relationships

2014-07-30N/ACWE Content TeamMITREN/AN/A

updated Relationships, Taxonomy_Mappings

2015-12-07N/ACWE Content TeamMITREN/AN/A

updated Relationships

2017-01-19N/ACWE Content TeamMITREN/AN/A

updated Relationships

2017-05-03N/ACWE Content TeamMITREN/AN/A

updated Related_Attack_Patterns, Relationships

2017-11-08N/ACWE Content TeamMITREN/AN/A

updated Applicable_Platforms, Causal_Nature, Modes_of_Introduction, Relationships, White_Box_Definitions

2019-01-03N/ACWE Content TeamMITREN/AN/A

updated References, Relationships, Taxonomy_Mappings

2019-06-20N/ACWE Content TeamMITREN/AN/A

updated Relationships

2020-02-24N/ACWE Content TeamMITREN/AN/A

updated Other_Notes, Potential_Mitigations, References, Relationships, Type

2020-08-20N/ACWE Content TeamMITREN/AN/A

updated Relationships

2020-12-10N/ACWE Content TeamMITREN/AN/A

updated Relationships

2021-10-28N/ACWE Content TeamMITREN/AN/A

updated Relationships

2023-01-31N/ACWE Content TeamMITREN/AN/A

updated Description

2023-04-27N/ACWE Content TeamMITREN/AN/A

updated Detection_Factors, Relationships

2023-06-29N/ACWE Content TeamMITREN/AN/A

updated Mapping_Notes

2023-10-26N/ACWE Content TeamMITREN/AN/A

updated Observed_Examples

Modification Date: 2008-07-01

Release Date: N/A

Modifier: Eric Dalci

Organization: Cigital

Version: N/A

Importance: N/A

Comment:

updated Time_of_Introduction

Modification Date: 2008-08-01

Release Date: N/A

Modifier: N/A

Organization: KDM Analytics

Version: N/A

Importance: N/A

Comment:

added/updated white box definitions

Modification Date: 2008-09-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships, Other_Notes, Taxonomy_Mappings, Weakness_Ordinalities

Modification Date: 2009-05-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description, Name

Modification Date: 2009-07-17

Release Date: N/A

Modifier: KDM Analytics

Organization: N/A

Version: N/A

Importance: N/A

Comment:

Improved the White_Box_Definition

Modification Date: 2009-07-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated White_Box_Definitions

Modification Date: 2011-06-01

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences, Other_Notes

Modification Date: 2012-05-11

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences, Relationships

Modification Date: 2012-10-30

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Potential_Mitigations

Modification Date: 2013-02-21

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Alternate_Terms, Maintenance_Notes, Other_Notes, Relationships

Modification Date: 2013-07-17

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2014-06-23

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Alternate_Terms, Description, Relationship_Notes, Relationships

Modification Date: 2014-07-30

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships, Taxonomy_Mappings

Modification Date: 2015-12-07

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2017-01-19

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2017-05-03

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Related_Attack_Patterns, Relationships

Modification Date: 2017-11-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Applicable_Platforms, Causal_Nature, Modes_of_Introduction, Relationships, White_Box_Definitions

Modification Date: 2019-01-03

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated References, Relationships, Taxonomy_Mappings

Modification Date: 2019-06-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-02-24

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Other_Notes, Potential_Mitigations, References, Relationships, Type

Modification Date: 2020-08-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-12-10

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2021-10-28

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2023-01-31

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description

Modification Date: 2023-04-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Detection_Factors, Relationships

Modification Date: 2023-06-29

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Mapping_Notes

Modification Date: 2023-10-26

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Observed_Examples

▼Contributions
Contributor DateRelease DateTypeContributorOrganizationVersionComment
▼Previous Name Entries
Change DatePrevious Entry NameVersion
2008-04-11

Resource Injection

N/A
2009-05-27

Insufficient Control of Resource Identifiers (aka 'Resource Injection')

N/A

Change Date: 2008-04-11

Version: N/A

Previous Entry Name: Resource Injection

Change Date: 2009-05-27

Version: N/A

Previous Entry Name: Insufficient Control of Resource Identifiers (aka 'Resource Injection')