CWE-430 - Deployment of Wrong Handler

CWE-430

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Deployment of Wrong Handler

Description: The wrong "handler" is assigned to process an object.
An example of deploying the wrong handler would be calling a servlet to reveal source code of a .JSP file, or automatically "determining" type of the object even if it is contradictory to an explicitly specified type.

Common Consequences: Scope: Integrity, Other
Impact: Varies by Context, Unexpected State

Related Weaknesses

CWE-434Unrestricted Upload of File with Dangerous TypeMedium

CWE-691Insufficient Control Flow Management

CWE-433Unparsed Raw Web Content Delivery

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard