|CWE||NAME||LAST 12M||LOW||MEDIUM||HIGH||CRITICAL||TOTAL VULNS|
|CWE-1270|| Generation of Incorrect Security Identifiers |
The product implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers generated in the system are incorrect.
|CWE-308|| Use of Single-factor Authentication |
The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.
|CWE-253|| Incorrect Check of Function Return Value |
The software incorrectly checks a return value from a function, which prevents the software from detecting errors or exceptional conditions.
|CWE-526|| Information Exposure Through Environmental Variables |
Environmental variables may contain sensitive information about a remote server.
|CWE-232|| Improper Handling of Undefined Values |
The software does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.
|CWE-372|| Incomplete Internal State Distinction |
The software does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.
|CWE-393|| Return of Wrong Status Code |
A function or operation returns an incorrect return value or status code that does not indicate an error, but causes the product to modify its behavior based on the incorrect result.
|CWE-278|| Insecure Preserved Inherited Permissions |
A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement.
|CWE-841|| Improper Enforcement of Behavioral Workflow |
The software supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.
|CWE-839|| Numeric Range Comparison Without Minimum Check |
The program checks a value to ensure that it is less than or equal to a maximum, but it does not also verify that the value is greater than or equal to the minimum.