CWE-935 Categorie Detail

CWE-935

OWASP Top Ten 2013 Category A7 - Missing Function Level Access Control
Obsolete
2013-07-17 +00:00
2023-06-29 +00:00
CWE Mitre.org
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Notifications manage

Name: OWASP Top Ten 2013 Category A7 - Missing Function Level Access Control

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2013.

CWE Members List

CWE-285: Improper Authorization Base

CWE Informations

Vulnerability Mapping Notes

Justification : This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment : See member weaknesses of this category.

Submission

Name Organization Date Date release Version
CWE Content Team MITRE 2013-07-16 +00:00 2013-07-17 +00:00 2.5

Modifications

Name Organization Date Comment
CWE Content Team MITRE 2014-06-23 +00:00 updated Relationships
CWE Content Team MITRE 2018-03-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-04-27 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes

References

REF-934

Top 10 2013-A7-Missing Function Level Access Control
OWASP.
https://www.owasp.org/index.php/Top_10_2013-A7-Missing_Function_Level_Access_Control

The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.