SFP Secondary Cluster: Other Exposures
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
This category identifies Software Fault Patterns (SFPs) within the Other Exposures cluster.
The Web services architecture may require exposing a Web Service Definition Language (WSDL) file that contains information on the publicly accessible services and how ...
The software, by default, initializes an internal variable with an insecure or less secure value than is possible.
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.
The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session.
Inner classes are translated into classes that are accessible at package scope and may expose code that the programmer intended to keep private to attackers.
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).