CWE-1125 Details

The product has an attack surface whose quantitative measurement exceeds a desirable maximum.

Einführungsmodi

Implementation
Architecture and Design

Anwendbare Plattformen

Sprache

Class: Not Language-Specific (Undetermined)

Häufige Konsequenzen

Hinweise zur Schwachstellen-Zuordnung

Begründung : This entry is primarily a quality issue with no direct security implications.
Kommentar : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.

Referenzen

REF-966

An Attack Surface Metric
Pratyusa Manadhata.
http://reports-archive.adm.cs.cmu.edu/anon/2008/CMU-CS-08-152.pdf

REF-967

Measuring a System's Attack Surface
Pratyusa Manadhata, Jeannette M. Wing.
http://www.cs.cmu.edu/afs/cs/usr/wing/www/publications/ManadhataWing04.pdf

Einreichung

Änderungen