logo

CWE-610 - Externally Controlled Reference to a Resource in Another Sphere

  • Abstraction:Class
  • Structure:Simple
  • Status:Draft
  • Release Date:2007-05-07
  • Latest Modification Date:2024-02-29

Weakness Name

Externally Controlled Reference to a Resource in Another Sphere

Description

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Common Consequences

Scope: Confidentiality, Integrity

Impact: Read Application Data, Modify Application Data

Related Weaknesses