Category-16: 配置

admin 2021年12月4日16:23:36评论112 views字数 886阅读2分57秒阅读模式

Category-16: 配置

ID: 16
Status: Draft

Summary

Weaknesses in this category are typically introduced during the configuration of the software.

Membership

ID NAME
CWE-4 J2EE环境问题
CWE-519 .NET环境问题

Taxonomy Mappings

Mapped Taxonomy Name Node ID Fit Mapped Node Name
WASC 14 Server Misconfiguration
WASC 15 Application Misconfiguration

Notes

Maintenance

This entry is a Category, but various sources map to it anyway, e.g. by NVD, despite CWE guidance that Categories should not be mapped. In this case, there are no clear CWE Weaknesses that can be utilized. "Inappropriate Configuration" might be better described as a Weakness, so this entry might be converted to a Weakness in a later version. Further research is required, however, as a "configuration weakness" might be Primary to many other CWEs, i.e., it might be better described in terms of chaining relationships.

文章来源于互联网:scap中文网

相关推荐: CWE-768 不正确的快捷方式验证

CWE-768 不正确的快捷方式验证 Incorrect Short Circuit Evaluation 结构: Simple Abstraction: Variant 状态: Incomplete 被利用可能性: Low 基本描述 The software…

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2021年12月4日16:23:36
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   Category-16: 配置http://cn-sec.com/archives/613350.html

发表评论

匿名网友 填写信息