CWE-183Permissive List of Allowed Inputs

PUBLISHEDweakness record
released 2006-07-19 · last modified 2025-12-11

Metadata

CWE ID:
CWE-183
摘要:
Base
结构:
Simple
状态:
Draft
发布日期:
2006-07-19
更新日期:
2025-12-11

名称

Permissive List of Allowed Inputs

描述

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.

常见后果

范围:
Access Control
影响:
Bypass Protection Mechanism

相关 CWE