CWE-2:7PK - Environment

概览

CWE-2(7PK - Environment)描述一种在漏洞数据库与安全评估中使用的弱点类型;定义、背景与映射 CVE 见下方各节。

安全影响
安全影响:因产品与场景而异;请结合 CVE 记录、严重度评分与 MITRE 说明进行优先级判断。

描述

This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that are typically introduced during unexpected environmental conditions. According to the authors of the Seven Pernicious Kingdoms, "This section includes everything that is outside of the source code but is still critical to the security of the product that is being created. Because the issues covered by this kingdom are not directly related to source code, we separated it from the rest of the kingdoms."

曾用名

  • Environment (2017-11-08)

内容提交

名称
7 Pernicious Kingdoms
日期
2006-07-19
版本
Draft 3

内容修订

日期 名称 版本 重要性 评论
2008-09-08 CWE Content Team 1.0 updated Relationships
2013-07-17 CWE Content Team 2.5 updated Relationships
2015-12-07 CWE Content Team 2.9 updated Relationships
2017-01-19 CWE Content Team 2.10 updated Maintenance_Notes, Relationships
2017-11-08 CWE Content Team 3.0 updated Description, Maintenance_Notes, Name
2018-03-27 CWE Content Team 3.1 updated Relationships
2019-06-20 CWE Content Team 3.3 updated Relationships
2020-02-24 CWE Content Team 4.0 updated References
2021-10-28 CWE Content Team 4.6 updated Relationships
2023-04-27 CWE Content Team 4.11 updated Mapping_Notes
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
cvelogic Threat Intelligence