![]() These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. This table shows the weaknesses and high level categories that are related to this weakness. Insecure Operation on Windows Junction / Mount Point Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource. That is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource. That is linked to a certain type of product, typically involving a specific language or technology. There can be cases in which one weakness might not be essential to a composite, but changes the nature of the composite when it becomes a vulnerability. One weakness, X, can be "broken down" into component weaknesses Y and Z. Removing any of the weaknesses eliminates or sharply reduces the risk. Use of Incorrectly-Resolved Name or ReferenceĬomposite - a Compound Element that consists of two or more distinct weaknesses, in which all weaknesses must be present at the same time in order for a potential vulnerability to arise. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. More specific than a Pillar Weakness, but more general than a Base Weakness. Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |