OWASP Top Ten 2004 Category A10 - Insecure Configuration Management
Category ID: 731 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A10 category in the OWASP Top Ten 2004.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfCategoryCategory4J2EE Environment Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory10ASP.NET Environment Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base209Information Exposure Through an Error Message
Weaknesses in OWASP Top Ten (2004)711
ParentOfWeakness VariantWeakness Variant215Information Leak Through Debug Information
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant219Sensitive Data Under Web Root
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory275Permission Issues
Weaknesses in OWASP Top Ten (2004)711
ParentOfCategoryCategory295Certificate Issues
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base459Incomplete Cleanup
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base489Leftover Debug Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant526Information Leak Through Environmental Variables
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant527Exposure of CVS Repository to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant528Exposure of Core Dump File to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant529Exposure of Access Control List Files to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant530Exposure of Backup File to an Unauthorized Control Sphere
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant531Information Leak Through Test Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant532Information Leak Through Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant533Information Leak Through Server Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant534Information Leak Through Debug Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant540Information Leak Through Source Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant541Information Leak Through Include Source Code
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant542Information Leak Through Cleanup Log Files
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness VariantWeakness Variant548Information Leak Through Directory Listing
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Weaknesses in OWASP Top Ten (2004) (primary)711
MemberOfViewView711Weaknesses in OWASP Top Ten (2004)
Weaknesses in OWASP Top Ten (2004) (primary)711
+ References
OWASP. "A10 Insecure Configuration Management". 2007. <http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=70827>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-08-15VeracodeExternal Submission
Suggested creation of view and provided mappings
Modifications
Modification DateModifierOrganizationSource
2009-03-10CWE Content TeamMITREInternal
updated Relationships