CWE-1061Insufficient Encapsulation

PUBLISHEDweakness record
released 2019-01-03 · last modified 2025-12-11

Metadata

CWE ID:
CWE-1061
摘要:
Class
结构:
Simple
状态:
Incomplete
发布日期:
2019-01-03
更新日期:
2025-12-11

名称

Insufficient Encapsulation

描述

The product does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.

常见后果

范围:
Access Control
影响:
Varies by Context, Bypass Protection Mechanism
注释:
An attacker can access data or methods that were not intended to be accessible.
范围:
Other
影响:
Reduce Maintainability, Increase Analytical Complexity
注释:
This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

相关 CWE