CWE-706 - Use of Incorrectly-Resolved Name or Reference

CWE-706

Abstraction:
Class

Structure:
Simple

Status:
Incomplete

Weakness Name: Use of Incorrectly-Resolved Name or Reference

Description: The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

Common Consequences: Scope: Confidentiality, Integrity
Impact: Read Application Data, Modify Application Data

Related Weaknesses

CWE-99Improper Control of Resource Identifiers ('Resource Injection')High

CWE-664Improper Control of a Resource Through its Lifetime

Release Date:
2008-09-09

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard