View-928: Weaknesses in OWASP Top Ten (2013)

admin
admin
admin
75827
文章
59
评论
2022年1月7日02:24:12评论34 views字数 1578阅读5分15秒阅读模式

View-928: Weaknesses in OWASP Top Ten (2013)

ID: 928

Type: Graph

Status: Obsolete

Objective

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2013. This view is considered obsolete as a newer version of the OWASP Top Ten is available.

Audience

Software Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2013 version), providing a good starting point for web application developers who want to code more securely.

Software Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2013 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Membership

CWE-ID title
CWE-929 OWASP Top Ten 2013 Category A1 - Injection
CWE-930 OWASP Top Ten 2013 Category A2 - Broken Authentication and Session Management
CWE-931 OWASP Top Ten 2013 Category A3 - Cross-Site Scripting (XSS)
CWE-932 OWASP Top Ten 2013 Category A4 - Insecure Direct Object References
CWE-933 OWASP Top Ten 2013 Category A5 - Security Misconfiguration
CWE-934 OWASP Top Ten 2013 Category A6 - Sensitive Data Exposure
CWE-935 OWASP Top Ten 2013 Category A7 - Missing Function Level Access Control
CWE-936 OWASP Top Ten 2013 Category A8 - Cross-Site Request Forgery (CSRF)
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-938 OWASP Top Ten 2013 Category A10 - Unvalidated Redirects and Forwards

Notes

Relationship

The relationships in this view have been pulled directly from the 2013 OWASP Top 10 document, either from the explicit mapping section, or from weakness types alluded to in the written sections.

引用

REF-926 Top 10 2013

文章来源于互联网:scap中文网

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年1月7日02:24:12
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  View-928: Weaknesses in OWASP Top Ten (2013) http://cn-sec.com/archives/612743.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: