Weaknesses in OWASP Top Ten (2017)

A view in the Common Weakness Enumeration published by The MITRE Corporation.


Objective

Views in the Common Weakness Enumeration (CWE) represent one perspective with which to consider a set of weaknesses.

CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2017.

Target Audience

Educators

Since the OWASP Top Ten covers the most frequently encountered issues, this view can be used by educators as training material for students.

Product Customers

This view outlines the most important issues as identified by the OWASP Top Ten (2017 version), providing product customers with a way of asking their software development teams to follow minimum expectations for secure code.

Software Developers

This view outlines the most important issues as identified by the OWASP Top Ten (2017 version), providing a good starting point for web application developers who want to code more securely.

Categories

OWASP Top Ten 2017 Category A1 - Injection

Weaknesses in this category are related to the A1 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A2 - Broken Authentication

Weaknesses in this category are related to the A2 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A3 - Sensitive Data Exposure

Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A4 - XML External Entities (XXE)

Weaknesses in this category are related to the A4 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A5 - Broken Access Control

Weaknesses in this category are related to the A5 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A6 - Security Misconfiguration

Weaknesses in this category are related to the A6 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A7 - Cross-Site Scripting (XSS)

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A8 - Insecure Deserialization

Weaknesses in this category are related to the A8 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

OWASP Top Ten 2017 Category A10 - Insufficient Logging & Monitoring

Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2017.

See Also

  1. Top 10 2017

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.