[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

127571

 
 

909

 
 

105400

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Containment Errors (Container Errors)

ID: 216Date: (C)2012-05-14   (M)2019-07-18
Type: weaknessStatus: INCOMPLETE
Abstraction Type: Class





Description

This tries to cover various problems in which improper data are included within a "container."

Applicable Platforms
Language Class: All

Time Of Introduction

  • Architecture and Design
  • Implementation

Common Consequences

ScopeTechnical ImpactNotes
Other
 
Other
 
 

Detection Methods
None

Potential Mitigations

PhaseStrategyDescriptionEffectivenessNotes
Architecture and Design
 
Separation of Privilege
 
Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
Ensure that appropriate compartmentalization is built into the system design and that the compartmentalization serves to allow for and further reinforce privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide when it is appropriate to use and to drop system privileges.
 
  

Relationships

Related CWETypeViewChain
CWE-216 ChildOf CWE-907 Category CWE-888  

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

TaxynomyIdNameFit
PLOVER  Containment errors (container errors)
 
 

References:
None

CVE    2
CVE-2019-1911
CVE-2019-5736

© SecPod Technologies