CWE-1174
ASP.NET Misconfiguration: Improper Model Validation
Draft
2019-01-03
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Nom: ASP.NET Misconfiguration: Improper Model Validation
The ASP.NET application does not use, or incorrectly uses, the model validation framework.
Informations générales
Modes d'introduction
Architecture and DesignImplementation
Plateformes applicables
Langue
Name: ASP.NET (Undetermined)Conséquences courantes
| Portée | Impact | Probabilité |
|---|---|---|
| Integrity | Unexpected State Note: Unchecked input leads to cross-site scripting, process control, and SQL injection vulnerabilities, among others. |
Notes de cartographie des vulnérabilités
Justification : This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Soumission
| Nom | Organisation | Date | Date de publication | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 3.2 |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
