2022年1月14日11:26:55评论31 views字数 590阅读1分58秒阅读模式

Category-355: 用户界面安全问题

ID: 355
Status: Draft

Summary

Weaknesses in this category are related to or introduced in the User Interface (UI).

Membership

ID	NAME
CWE-317	在GUI中的明文存储
CWE-356	产品UI接口未警示用户不安全动作
CWE-357	对危险操作的UI警示不充分
CWE-446	安全特性的UI矛盾
CWE-450	UI输入的多重解释
CWE-451	关键信息的UI错误表达
CWE-549	口令域未进行输入隐藏

Taxonomy Mappings

Mapped Taxonomy Name	Node ID	Fit	Mapped Node Name
PLOVER			(UI) User Interface Errors

Notes

Research Gap

User interface errors that are relevant to security have not been studied at a high level.

文章来源于互联网:scap中文网

相关推荐: Category-840: 业务逻辑错误

Category-840: 业务逻辑错误 ID: 840 Status: Incomplete Summary Weaknesses in this category identify some of the underlying problems that …

左青龙
微信扫一扫

右白虎
微信扫一扫

Category-355: 用户界面安全问题

Category-355: 用户界面安全问题

Summary

Membership

Taxonomy Mappings

Notes

Research Gap

View-999: Weaknesses without Software Fault Patterns

View-884: CWE Cross-section

View-868: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

View-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

View-809: Weaknesses in OWASP Top Ten (2010)

View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-711: Weaknesses in OWASP Top Ten (2004)

View-709: Named Chains

发表评论

在线咨询

微信