Categories

CWE NAME LAST 12M LOW MEDIUM HIGH CRITICAL TOTAL VULNS
CWE-1270 Generation of Incorrect Security Identifiers
The product implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers generated in the system are incorrect.
0 0 0 1 1
CWE-308 Use of Single-factor Authentication
The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme.
0 1 0 0 1
CWE-253 Incorrect Check of Function Return Value
The software incorrectly checks a return value from a function, which prevents the software from detecting errors or exceptional conditions.
0 1 0 0 1
CWE-526 Information Exposure Through Environmental Variables
Environmental variables may contain sensitive information about a remote server.
0 1 0 0 1
CWE-232 Improper Handling of Undefined Values
The software does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.
0 1 0 0 1
CWE-372 Incomplete Internal State Distinction
The software does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.
0 1 0 0 1
CWE-393 Return of Wrong Status Code
A function or operation returns an incorrect return value or status code that does not indicate an error, but causes the product to modify its behavior based on the incorrect result.
0 0 1 0 1
CWE-278 Insecure Preserved Inherited Permissions
A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement.
0 0 1 0 1
CWE-841 Improper Enforcement of Behavioral Workflow
The software supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.
0 0 0 1 1
CWE-839 Numeric Range Comparison Without Minimum Check
The program checks a value to ensure that it is less than or equal to a maximum, but it does not also verify that the value is greater than or equal to the minimum.
0 0 1 0 1