Category Archives: CWE

CWE-543 – Use of Singleton Pattern Without Synchronization in a Multithreaded Context

Read Time:46 Second

Description

The software uses the singleton pattern when creating a resource within a multithreaded environment.

The use of a singleton pattern may not be thread-safe.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-820
CWE-662
CWE-662

 

Consequences

Other, Integrity: Other, Modify Application Data

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Use the Thread-Specific Storage Pattern. See References.

Phase: Implementation

Description: 

Do not use member fields to store information in the Servlet. In multithreading environments, storing user data in Servlet member fields introduces a data access race condition.

Phase: Implementation

Effectiveness: Limited

Description: 

Avoid using the double-checked locking pattern in language versions that cannot guarantee thread safety. This pattern may be used to avoid the overhead of a synchronized call, but in certain versions of Java (for example), this has been shown to be unsafe because it still introduces a race condition (CWE-209).

CVE References

CWE-544 – Missing Standardized Error Handling Mechanism

Read Time:44 Second

Description

The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.

If the application handles error messages individually, on a one-by-one basis, this is likely to result in inconsistent error handling. The causes of errors may be lost. Also, detailed information about the causes of an error may be unintentionally returned to the user.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-755

 

Consequences

Integrity, Other: Quality Degradation, Unexpected State, Varies by Context

 

Potential Mitigations

Phase: Architecture and Design

Description: 

define a strategy for handling errors of different severities, such as fatal errors versus basic log events. Use or create built-in language features, or an external package, that provides an easy-to-use API and define coding standards for the detection and handling of errors.

CVE References

CWE-502 – Deserialization of Untrusted Data

Read Time:2 Minute, 28 Second

Description

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

Serialization and deserialization refer to the process of taking program-internal object-related data, packaging it in a way that allows the data to be externally stored or transferred (“serialization”), then extracting the serialized data to reconstruct the original object (“deserialization”).

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: Medium

 

Related Weaknesses

CWE-913
CWE-913
CWE-915

 

Consequences

Integrity: Modify Application Data, Unexpected State

Attackers can modify unexpected objects or data that was assumed to be safe from modification.

Availability: DoS: Resource Consumption (CPU)

If a function is making an assumption on when to terminate, based on a sentry in a string, it could easily never terminate.

Other: Varies by Context

The consequences can vary widely, because it depends on which objects or methods are being deserialized, and how they are used. Making an assumption that the code in the deserialized object is valid is dangerous and can enable exploitation.

 

Potential Mitigations

Phase: Architecture and Design, Implementation

Description: 

If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.

Phase: Implementation

Description: 

When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.

Phase: Implementation

Description: 

Explicitly define a final object() to prevent deserialization.

Phase: Architecture and Design, Implementation

Description: 

Phase: Implementation

Description: 

Avoid having unnecessary types or gadgets available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.

CVE References

  • CVE-2019-12799
    • chain: bypass of untrusted deserialization issue (CWE-502) by using an assumed-trusted class (CWE-183)
  • CVE-2015-8103
    • Deserialization issue in commonly-used Java library allows remote execution.
  • CVE-2015-4852
    • Deserialization issue in commonly-used Java library allows remote execution.
  • CVE-2013-1465
    • Use of PHP unserialize function on untrusted input allows attacker to modify application configuration.
  • CVE-2012-3527
    • Use of PHP unserialize function on untrusted input in content management system might allow code execution.
  • CVE-2012-0911
    • Use of PHP unserialize function on untrusted input in content management system allows code execution using a crafted cookie value.
  • CVE-2012-0911
    • Content management system written in PHP allows unserialize of arbitrary objects, possibly allowing code execution.
  • CVE-2011-2520
    • Python script allows local users to execute code via pickled data.
  • CVE-2012-4406
    • Unsafe deserialization using pickle in a Python script.
  • CVE-2003-0791
    • Web browser allows execution of native methods via a crafted string to a JavaScript function that deserializes the string.

CWE-506 – Embedded Malicious Code

Read Time:50 Second

Description

The application contains code that appears to be malicious in nature.

Malicious flaws have acquired colorful names, including Trojan horse, trapdoor, timebomb, and logic-bomb. A developer might insert malicious code with the intent to subvert the security of an application or its host system at some time in the future. It generally refers to a program that performs a useful service but exploits rights of the program’s user in a way the user does not intend.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-912

 

Consequences

Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands

 

Potential Mitigations

Phase: Testing

Description: 

Remove the malicious code and start an effort to ensure that no more malicious code exists. This may require a detailed review of all code, as it is possible to hide a serious attack in only one or two lines of code. These lines may be located almost anywhere in an application and may have been intentionally obfuscated by the attacker.

CVE References

CWE-507 – Trojan Horse

Read Time:24 Second

Description

The software appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-506

 

Consequences

Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands

 

Potential Mitigations

Phase: Operation

Description: 

Most antivirus software scans for Trojan Horses.

Phase: Installation

Description: 

Verify the integrity of the software that is being installed.

CVE References

CWE-508 – Non-Replicating Malicious Code

Read Time:22 Second

Description

Non-replicating malicious code only resides on the target system or software that is attacked; it does not attempt to spread to other systems.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-507

 

Consequences

Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands

 

Potential Mitigations

Phase: Operation

Description: 

Antivirus software can help mitigate known malicious code.

Phase: Installation

Description: 

Verify the integrity of the software that is being installed.

CVE References

CWE-509 – Replicating Malicious Code (Virus or Worm)

Read Time:22 Second

Description

Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or software.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-507

 

Consequences

Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands

 

Potential Mitigations

Phase: Operation

Description: 

Antivirus software scans for viruses or worms.

Phase: Installation

Description: 

Always verify the integrity of the software that is being installed.

CVE References

CWE-51 – Path Equivalence: ‘/multiple//internal/slash’

Read Time:41 Second

Description

A software system that accepts path input in the form of multiple internal slash (‘/multiple//internal/slash/’) without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-41

 

Consequences

Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories

 

Potential Mitigations

Phase: Implementation

Description: 

Inputs should be decoded and canonicalized to the application’s current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

CVE References

  • CVE-2002-1483
    • Read files with full pathname using multiple internal slash.

CWE-510 – Trapdoor

Read Time:30 Second

Description

A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement mechanism.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-506

 

Consequences

Confidentiality, Integrity, Availability, Access Control: Execute Unauthorized Code or Commands, Bypass Protection Mechanism

 

Potential Mitigations

Phase: Installation

Description: 

Always verify the integrity of the software that is being installed.

Phase: Testing

Description: 

Identify and closely inspect the conditions for entering privileged areas of the code, especially those related to authentication, process invocation, and network communications.

CVE References

CWE-511 – Logic/Time Bomb

Read Time:41 Second

Description

The software contains code that is designed to disrupt the legitimate operation of the software (or its environment) when a certain time passes, or when a certain logical condition is met.

When the time bomb or logic bomb is detonated, it may perform a denial of service such as crashing the system, deleting critical data, or degrading system response time. This bomb might be placed within either a replicating or non-replicating Trojan horse.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-506

 

Consequences

Other, Integrity: Varies by Context, Alter Execution Logic

 

Potential Mitigations

Phase: Installation

Description: 

Always verify the integrity of the software that is being installed.

Phase: Testing

Description: 

Conduct a code coverage analysis using live testing, then closely inspect any code that is not covered.

CVE References