OWASP Top Ten 2010 Category A6 - Security Misconfiguration
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the A6 category in the OWASP Top Ten 2010.
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of o...
The product makes files or directories accessible to unauthorized actors, even though they should not be.
The software generates an error message that includes sensitive information about its environment, users, or associated data.
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive ...
The application stores sensitive data under the web document root with insufficient access control, which might make it accessible to untrusted parties.
Deprecated or Obsolete
CWE nodes in this view (graph) are associated with the OWASP Top Ten, as released in 2010. This view is considered obsolete as a newer version of the OWASP Top Ten is ...