CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

CWE-610

Abstraction:
Class

Structure:
Simple

Status:
Draft

Weakness Name: Externally Controlled Reference to a Resource in Another Sphere

Description: The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Common Consequences: Scope: Confidentiality, Integrity
Impact: Read Application Data, Modify Application Data

Related Weaknesses: CWE-664

Release Date:
2007-05-07

Latest Modification Date:
2024-02-29