Overview
This reference provides detailed information about each impact category, including which CWEs (Common Weakness Enumeration) map to each impact. Use this to understand what types of vulnerabilities fall under each impact category. For a high-level overview of impacts, see Impacts.Impact details
Execute Commands
Execute Commands
Execute arbitrary code or commands.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-78 | Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) |
| CWE-94 | Improper Control of Generation of Code (‘Code Injection’) |
| CWE-95 | Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’) |
| CWE-98 | Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) |
| CWE-190 | Integer Overflow or Wraparound |
| CWE-470 | Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’) |
| CWE-489 | Active Debug Code |
| CWE-502 | Deserialization of Untrusted Data |
| CWE-611 | Improper Restriction of XML External Entity Reference |
| CWE-913 | Improper Control of Dynamically-Managed Code Resources |
| CWE-917 | Improper Neutralization of Special Elements used in an Expression Language Statement (‘Expression Language Injection’) |
Takeover Accounts
Takeover Accounts
Authenticate as another user or hijack sessions.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-352 | Cross-Site Request Forgery (CSRF) |
| CWE-598 | Use of GET Request Method With Sensitive Query Strings |
| CWE-613 | Insufficient Session Expiration |
Gain Access
Gain Access
Bypass authorization or escalate privileges.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-20 | Improper Input Validation |
| CWE-90 | Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’) |
| CWE-287 | Improper Authentication |
| CWE-352 | Cross-Site Request Forgery (CSRF) |
| CWE-601 | URL Redirection to Untrusted Site (‘Open Redirect’) |
| CWE-918 | Server-Side Request Forgery (SSRF) |
Obtain Secrets
Obtain Secrets
Extract credentials or keys for reuse.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| CWE-321 | Use of Hard-coded Cryptographic Key |
| CWE-798 | Use of Hard-coded Credentials |
Access Data
Access Data
Read or manipulate structured data.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-15 | External Control of System or Configuration Setting |
| CWE-22 | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) |
| CWE-89 | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) |
| CWE-90 | Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’) |
| CWE-346 | Origin Validation Error |
| CWE-611 | Improper Restriction of XML External Entity Reference |
| CWE-643 | Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) |
| CWE-918 | Server-Side Request Forgery (SSRF) |
Access Files
Access Files
Read or modify files or paths.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-20 | Improper Input Validation |
| CWE-22 | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) |
| CWE-73 | External Control of File Name or Path |
| CWE-502 | Deserialization of Untrusted Data |
| CWE-548 | Exposure of Information Through Directory Listing |
| CWE-552 | Files or Directories Accessible to External Parties |
| CWE-611 | Improper Restriction of XML External Entity Reference (‘XML External Entity (XXE)‘) |
| CWE-918 | Server-Side Request Forgery (SSRF) |
Intercept Traffic
Intercept Traffic
Observe or alter data in transit.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-295 | Improper Certificate Validation |
| CWE-319 | Cleartext Transmission of Sensitive Information |
| CWE-322 | Key Exchange without Entity Authentication |
| CWE-326 | Inadequate Encryption Strength |
| CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| CWE-614 | Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute |
| CWE-780 | Use of RSA Algorithm without OAEP |
Insufficient Data Protection
Insufficient Data Protection
Sensitive data at rest is not adequately protected.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-310 | Cryptographic Issues |
| CWE-312 | Cleartext Storage of Sensitive Information |
| CWE-326 | Inadequate Encryption Strength |
| CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| CWE-328 | Use of Weak Hash |
| CWE-329 | Generation of Predictable IV with CBC Mode |
| CWE-780 | Use of RSA Algorithm without OAEP |
| CWE-916 | Use of Password Hash With Insufficient Computational Effort |
| CWE-1004 | Sensitive Cookie Without ‘HttpOnly’ Flag |
| CWE-1240 | Use of a Cryptographic Primitive with a Risky Implementation |
Bypass Cryptographic Controls
Bypass Cryptographic Controls
Predict or undermine cryptographic controls.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-330 | Use of Insufficiently Random Values |
| CWE-338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
| CWE-347 | Improper Verification of Cryptographic Signature |
Facilitate Client-side Attacks
Facilitate Client-side Attacks
Target end users.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-79 | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) |
| CWE-116 | Improper Encoding or Escaping of Output |
| CWE-346 | Origin Validation Error |
| CWE-352 | Cross-Site Request Forgery (CSRF) |
| CWE-554 | ASP.NET Misconfiguration: Not Using Input Validation Framework |
| CWE-601 | URL Redirection to Untrusted Site (‘Open Redirect’) |
| CWE-693 | Protection Mechanism Failure |
| CWE-918 | Server-Side Request Forgery (SSRF) |
| CWE-942 | Permissive Cross-domain Policy with Untrusted Domains |
| CWE-1004 | Sensitive Cookie Without ‘HttpOnly’ Flag |
| CWE-1275 | Sensitive Cookie with Improper SameSite Attribute |
Access Application State
Access Application State
Learn internal state or configuration.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-11 | ASP.NET Misconfiguration: Creating Debug Binary |
| CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor |
| CWE-209 | Generation of Error Message Containing Sensitive Information |
| CWE-489 | Active Debug Code |
| CWE-915 | Improperly Controlled Modification of Dynamically-Determined Object Attributes |
| CWE-1323 | Improper Management of Sensitive Trace Data |
Evade Detection
Evade Detection
Avoid logging or monitoring.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-93 | Improper Neutralization of CRLF Sequences (‘CRLF Injection’) |
Degrade Performance
Degrade Performance
Exhaust resources or reduce availability.Associated CWEs:
| CWE | Description |
|---|---|
| CWE-400 | Uncontrolled Resource Consumption |
| CWE-409 | Improper Handling of Highly Compressed Data (Data Amplification) |
| CWE-502 | Deserialization of Untrusted Data |
| CWE-611 | Improper Restriction of XML External Entity Reference |
| CWE-1333 | Inefficient Regular Expression Complexity |
Related docs
- Impacts: overview of impact categories
- Code Security Rules: security rule coverage by language