Category-4: J2EE环境问题
ID: 4
Status: Incomplete
Summary
J2EE framework related environment issues with security implications.
Membership
ID | NAME |
---|---|
CWE-5 | J2EE误配置:未经加密的数据传输 |
CWE-555 | J2EE误配置:在配置文件中明文存储口令 |
CWE-6 | J2EE误配置:会话ID长度不充分 |
CWE-7 | J2EE误配置:缺少定制错误页面 |
CWE-8 | J2EE误配置:实体Bean远程声明 |
CWE-9 | J2EE误配置:EJB方法弱访问权限 |
Taxonomy Mappings
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
OWASP Top Ten 2004 | A10 | Insecure Configuration Management |
文章来源于互联网:scap中文网
相关推荐: Category-726: OWASP Top Ten 2004 Category A5 - Buffer Overflows
Category-726: OWASP Top Ten 2004 Category A5 - Buffer Overflows ID: 726 Status: Obsolete Summary Weaknesses in this category are r…
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论