CWE Weaknesses On the Cusp 2023 Mapping

ID

Name/description

Parasoft rule ID(s)

CWE-617

Reachable Assertion

  • CWE.617.ASSERT

CWE-427

Uncontrolled Search Path Element

  • CWE.427.PBRTE

CWE-611

Improper Restriction of XML External Entity Reference

  • CWE.611.XMLVAL
  • CWE.611.DXXE

CWE-770

Allocation of Resources Without Limits or Throttling

  • CWE.770.TDALLOC
  • CWE.770.ISTART

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

  • CWE.200.SENS
  • CWE.200.SENSLOG
  • CWE.200.CONSEN
  • CWE.200.PEO
  • CWE.200.SIO
  • CWE.200.ACPST
  • CWE.200.EWSSEC

CWE-732

Incorrect Permission Assignment for Critical Resource

  • CWE.732.ASNF
  • CWE.732.CFAP
  • CWE.732.IDP
  • CWE.732.SCHTTP

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

  • CWE.601.TDNET
  • CWE.601.TDRESP
  • CWE.601.VRD
  • CWE.601.UCO

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

  • N/A

CWE-295

Improper Certificate Validation

  • CWE.295.HV
  • CWE.295.VSI

CWE-522

Insufficiently Protected Credentials

  • CWE.522.TDPASSWD
  • CWE.522.UPWD
  • CWE.522.PLAIN
  • CWE.522.PCCF
  • CWE.522.PTPT
  • CWE.522.PWDPROP
  • CWE.522.PWDXML
  • CWE.522.UTAX
  • CWE.522.WCPWD
  • CWE.522.WPWD
  • CWE.522.CKTS
  • CWE.522.USC

CWE-401

Missing Release of Memory after Effective Lifetime

  • N/A

CWE-400

Uncontrolled Resource Consumption

  • CWE.400.LEAKS
  • CWE.400.TDALLOC
  • CWE.400.USB
  • CWE.400.DMDS
  • CWE.400.ISTART

CWE-639

Authorization Bypass Through User-Controlled Key

  • N/A

CWE-59

Improper Link Resolution Before File Access ('Link Following')

  • CWE.59.FOLLOW
  • CWE.59.LNK

CWE-668

Exposure of Resource to Wrong Sphere

  • CWE.668.ASNF
  • CWE.668.CFAP
  • CWE.668.SENS
  • CWE.668.SENSLOG
  • CWE.668.TDFNAMES
  • CWE.668.TDINPUT
  • CWE.668.TDLIB
  • CWE.668.TDPASSWD
  • CWE.668.RR
  • CWE.668.UPWD
  • CWE.668.MFP
  • CWE.668.IMM
  • CWE.668.PSFA
  • CWE.668.PLAIN
  • CWE.668.SYSP
  • CWE.668.SPFF
  • CWE.668.CONSEN
  • CWE.668.PEO
  • CWE.668.RA
  • CWE.668.SIF
  • CWE.668.SIO
  • CWE.668.ATF
  • CWE.668.PCCF
  • CWE.668.PTPT
  • CWE.668.PWDPROP
  • CWE.668.PWDXML
  • CWE.668.UTAX
  • CWE.668.WCPWD
  • CWE.668.WPWD
  • CWE.668.ACPST
  • CWE.668.APIBS
  • CWE.668.CKTS
  • CWE.668.CLONE
  • CWE.668.EWSSEC
  • CWE.668.IDP
  • CWE.668.INNER
  • CWE.668.PBRTE
  • CWE.668.SCHTTP
  • CWE.668.SER
  • CWE.668.USC
  • CWE.668.UCO