CWE-610
Externally Controlled Reference to a Resource in Another Sphere
Draft
2007-05-07
00h00 +00:00
00h00 +00:00
2025-12-11
00h00 +00:00
00h00 +00:00
Meldingen voor een CWE
Blijf op de hoogte van wijzigingen voor een specifieke CWE.
Naam: Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Algemene informatie
Introductiemodi
Architecture and Design : COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic.Toepasselijke platforms
Taal
Class: Not Language-Specific (Undetermined)Veelvoorkomende gevolgen
| Bereik | Impact | Waarschijnlijkheid |
|---|---|---|
| Confidentiality Integrity | Read Application Data, Modify Application Data Note: An adversary could read or modify data, depending on how the resource is intended to be used. | |
| Access Control | Gain Privileges or Assume Identity Note: An adversary that can supply a reference to an unintended resource can potentially access a resource that they do not have privileges for, thus bypassing existing access control mechanisms. | High |
Waargenomen voorbeelden
| Referenties | Beschrijving |
|---|---|
CVE-2022-3032 | An email client does not block loading of remote objects in a nested document. |
CVE-2022-45918 | Chain: a learning management tool debugger uses external input to locate previous session logs (CWE-73) and does not properly validate the given path (CWE-20), allowing for filesystem path traversal using "../" sequences (CWE-24) |
CVE-2018-1000613 | Cryptography API uses unsafe reflection when deserializing a private key |
CVE-2020-11053 | Chain: Go-based Oauth2 reverse proxy can send the authenticated user to another site at the end of the authentication flow. A redirect URL with HTML-encoded whitespace characters can bypass the validation (CWE-1289) to redirect to a malicious site (CWE-601) |
CVE-2022-42745 | Recruiter software allows reading arbitrary files using XXE |
CVE-2004-2331 | Database system allows attackers to bypass sandbox restrictions by using the Reflection API. |
Notities kwetsbaarheidsmapping
Rechtvaardiging : This CWE entry is a level-1 Class (i.e., a child of a Pillar). It might have lower-level children that would be more appropriateOpmerking : Examine children of this entry to see if there is a better fit
Gerelateerde aanvalspatronen
| CAPEC-ID | Naam aanvalspatroon |
|---|---|
| CAPEC-219 | XML Routing Detour Attacks
An attacker subverts an intermediate system used to process XML content and forces the intermediate to modify and/or re-route the processing of the content. XML Routing Detour Attacks are Adversary in the Middle type attacks (CAPEC-94). The attacker compromises or inserts an intermediate system in the processing of the XML message. For example, WS-Routing can be used to specify a series of nodes or intermediaries through which content is passed. If any of the intermediate nodes in this route are compromised by an attacker they could be used for a routing detour attack. From the compromised system the attacker is able to route the XML process to other nodes of their choice and modify the responses so that the normal chain of processing is unaware of the interception. This system can forward the message to an outside entity and hide the forwarding and processing from the legitimate processing systems by altering the header information. |
Notities
This is a general class of weakness, but most research is focused on more specialized cases, such as path traversal (CWE-22) and symlink following (CWE-61). A symbolic link has a name; in general, it appears like any other file in the file system. However, the link includes a reference to another file, often in another directory - perhaps in another sphere of control. Many common library functions that accept filenames will "follow" a symbolic link and use the link's target instead.The relationship between CWE-99 and CWE-610 needs further investigation and clarification. They might be duplicates. CWE-99 "Resource Injection," as originally defined in Seven Pernicious Kingdoms taxonomy, emphasizes the "identifier used to access a system resource" such as a file name or port number, yet it explicitly states that the "resource injection" term does not apply to "path manipulation," which effectively identifies the path at which a resource can be found and could be considered to be one aspect of a resource identifier. Also, CWE-610 effectively covers any type of resource, whether that resource is at the system layer, the application layer, or the code layer.
Indiening
| Naam | Organisatie | Datum | Releasedatum | Version |
|---|---|---|---|---|
| Anonymous Tool Vendor (under NDA) | Draft 6 |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships, Other_Notes, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Other_Notes, Relationship_Notes | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Maintenance_Notes | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Modes_of_Introduction, Relationships, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Observed_Examples | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, Mapping_Notes | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relationships, Weakness_Ordinalities |
