CWE-183 - Permissive List of Allowed Inputs
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-06-29
Weakness Name
Permissive List of Allowed Inputs
Description
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism
