| Choosing Message Identifier |
|
CWE-201
|
Insertion of Sensitive Information Into Sent Data
|
|
CWE-306
|
Missing Authentication for Critical Function
|
|
| Force the System to Reset Values |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-1221
|
Incorrect Register Defaults or Module Parameters
|
|
CWE-1232
|
Improper Lock Behavior After Power State Transition
|
|
| Communication Channel Manipulation |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
| Using Unpublished Interfaces or Functionality |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-693
|
Protection Mechanism Failure
|
|
CWE-695
|
Use of Low-Level Functionality
|
|
CWE-1242
|
Inclusion of Undocumented Features or Chicken Bits
|
|
| Cross Site Request Forgery |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
|
CWE-664
|
Improper Control of a Resource Through its Lifetime
|
|
CWE-732
|
Incorrect Permission Assignment for Critical Resource
|
|
CWE-1275
|
Sensitive Cookie with Improper SameSite Attribute
|
|