forked from aquasecurity/vuln-list
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCWE-1084.json
27 lines (27 loc) · 941 Bytes
/
CWE-1084.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
{
"ID": 1084,
"Name": "Invokable Control Element with Excessive File or Data Access Operations",
"Description": "A function or method contains too many\n\t\t\t\t\toperations that utilize a data manager or file resource.",
"PotentialMitigations": {
"Mitigation": null
},
"RelatedAttackPatterns": {
"RelatedAttackPattern": null
},
"CommonConsequences": {
"Consequence": [
{
"Scope": [
"Other"
],
"Impact": [
"Reduce Maintainability"
]
}
]
},
"ExtendedDescription": [
"This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.",
"While the interpretation of \"too many operations\" may vary for each product or developer, CISQ recommends a default maximum of 7 operations for the same data manager or file."
]
}