View-809: Weaknesses in OWASP Top Ten (2010)

admin
admin
admin
138116
文章
113
评论
2022年1月14日11:43:21评论149 views字数 1547阅读5分9秒阅读模式

View-809: Weaknesses in OWASP Top Ten (2010)

ID: 809

Type: Graph

Status: Obsolete

Objective

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2010. This view is considered obsolete as a newer version of the OWASP Top Ten is available.

Audience

Software Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing a good starting point for web application developers who want to code more securely.

Software Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2010 version), providing customers with a way of asking their software developers to follow minimum expectations for secure code.

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Membership

CWE-ID title
CWE-810 OWASP Top Ten 2010 Category A1 - Injection
CWE-811 OWASP Top Ten 2010 Category A2 - Cross-Site Scripting (XSS)
CWE-812 OWASP Top Ten 2010 Category A3 - Broken Authentication and Session Management
CWE-813 OWASP Top Ten 2010 Category A4 - Insecure Direct Object References
CWE-814 OWASP Top Ten 2010 Category A5 - Cross-Site Request Forgery(CSRF)
CWE-815 OWASP Top Ten 2010 Category A6 - Security Misconfiguration
CWE-816 OWASP Top Ten 2010 Category A7 - Insecure Cryptographic Storage
CWE-817 OWASP Top Ten 2010 Category A8 - Failure to Restrict URL Access
CWE-818 OWASP Top Ten 2010 Category A9 - Insufficient Transport Layer Protection
CWE-819 OWASP Top Ten 2010 Category A10 - Unvalidated Redirects and Forwards

Notes

Relationship

The relationships in this view are a direct extraction of the CWE mappings that are in the 2010 OWASP document. CWE has changed since the release of that document.

引用

REF-759 Top 10 2010

文章来源于互联网:scap中文网

免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年1月14日11:43:21
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   View-809: Weaknesses in OWASP Top Ten (2010)https://cn-sec.com/archives/612529.html
                  免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉.

发表评论

匿名网友 填写信息