CWE-706 - Use of Incorrectly-Resolved Name or Reference
- Abstraction:Class
- Structure:Simple
- Status:Incomplete
- Release Date:2008-09-09
- Latest Modification Date:2023-06-29
Weakness Name
Use of Incorrectly-Resolved Name or Reference
Description
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
Common Consequences
Scope: Confidentiality, Integrity
Impact: Read Application Data, Modify Application Data
Related Weaknesses
CWE-99Improper Control of Resource Identifiers ('Resource Injection')High