CWE-183 - Permissive List of Allowed Inputs
CWE-183
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Permissive List of Allowed Inputs
- Description
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
- Common Consequences
Scope: Access Control
Impact: Bypass Protection Mechanism
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website