CWE-15 - External Control of System or Configuration Setting

CWE-15

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: External Control of System or Configuration Setting

Description: One or more system settings or configuration elements can be externally controlled by a user.
Allowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious ways.

Common Consequences: Scope: Other
Impact: Varies by Context

Related Weaknesses

CWE-20Improper Input ValidationHigh

CWE-610Externally Controlled Reference to a Resource in Another Sphere

CWE-642External Control of Critical State DataHigh

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard