Categories

| CWE | Name | Description | Low | Medium | High | Critical | Total vulns |
|---|---|---|---|---|---|---|---|
| CWE-1220 | Insufficient Granularity of Access Control | The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets. | 0 | 2 | 0 | 0 | 2 |
| CWE-912 | Hidden Functionality | The software contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the software's users or administrators. | 0 | 0 | 1 | 1 | 2 |
| CWE-1287 | Improper Validation of Specified Type of Input | The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type. | 0 | 0 | 1 | 1 | 2 |
| CWE-317 | Cleartext Storage of Sensitive Information in GUI | The application stores sensitive information in cleartext within the GUI. | 0 | 2 | 0 | 0 | 2 |
| CWE-201 | Information Exposure Through Sent Data | The code transmits data to another actor, but the data contains sensitive information that should not be accessible to the actor that is receiving the data. | 0 | 2 | 0 | 0 | 2 |
| CWE-73 | External Control of File Name or Path | The software allows user input to control or influence paths or file names that are used in filesystem operations. | 0 | 1 | 1 | 0 | 2 |
| CWE-117 | Improper Output Neutralization for Logs | The software does not neutralize or incorrectly neutralizes output that is written to logs. | 0 | 1 | 1 | 0 | 2 |
| CWE-775 | Missing Release of File Descriptor or Handle after Effective Lifetime | The software does not release a file descriptor or handle after its effective lifetime has ended, i.e., after the file descriptor/handle is no longer needed. | 0 | 0 | 1 | 0 | 1 |
| CWE-471 | Modification of Assumed-Immutable Data (MAID) | The software does not properly protect an assumed-immutable element from being modified by an attacker. | 0 | 0 | 1 | 0 | 1 |
| CWE-774 | Allocation of File Descriptors or Handles Without Limits or Throttling | The software allocates file descriptors or handles on behalf of an actor without imposing any restrictions on how many descriptors can be allocated, in violation of the intended security policy for that actor. | 0 | 0 | 1 | 0 | 1 |