CQE-9199: Comprehensive Consequences View

 
Comprehensive Consequences View
View ID: 9199 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the Consequences in CQE.

View Filter: name()='Consequence'

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements0out of16026out of66226
Views0out of77
Quality_Characteristics0out of4141
Quality_Issues0out of112112
Practices0out of4040
Consequences26out of2626
View Components
View Components
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
 
Arbitrary Code Execution
Consequence ID: 9017 Maturity: Preliminary
+ Description

Description Summary

Arbitrary Code Execution may result when programming logic or conditions allow code to be executed outside of expected functional parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
79Cross-site Scripting Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
134Format String Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
434File Upload Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
CanFollow
Pr
Practice
9095File Upload Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9097Output Generation
Default Graph (primary)9001
CanFollow
Pr
Practice
9129Output Formatting Control
Default Graph (primary)9001
 
Data Corruption
Consequence ID: 9054 Maturity: Preliminary
+ Description

Description Summary

Data Corruption may result when programming logic creates scenarios in which data is modified or removed in a manner inconsistent with expected parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
22Path Traversal Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
CanFollow
Pr
Practice
9104Data Encapsulation
Default Graph (primary)9001
CanFollow
Is
Issue
9153Data Element Declared Public
Default Graph (primary)9001
CanFollow
Is
Issue
9181Method Containing Access of a Member Element from Another Class
Default Graph (primary)9001
CanFollow
Pr
Practice
9183File Path Control
Default Graph (primary)9001
 
Deadlock
Consequence ID: 9028 Maturity: Preliminary
+ Description

Description Summary

Deadlock may result when processing is suspended while waiting on a currently locked resource to become available and unlocked. However, the lock is never released and the state remains locked.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
667Shared Resource Improper Locking
Default Graph (primary)9001
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9070Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9172State Protection
Default Graph (primary)9001
CanFollow
Pr
Practice
9178Locking
Default Graph (primary)9001
CanFollow
Is
Issue
9192Singleton Class Instance Creation without Proper Lock Element Management
Default Graph (primary)9001
 
Degraded Comprehension
Consequence ID: 9145 Maturity: Preliminary
+ Description

Description Summary

Degraded Comprehension may result when conditions are too complex, disorderly, or non-sensical to be interpreted by human understanding.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
396Declaration of Catch for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
397Declaration of Throws for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Default Graph (primary)9001
CanFollow
Pr
Practice
9036Unrestricted Data Operations
Default Graph (primary)9001
CanFollow
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Default Graph (primary)9001
CanFollow
Is
Issue
9093Invokable Control Element with Signature Containing an Excessive Number of Parameters
Default Graph (primary)9001
CanFollow
Is
Issue
9108Empty Exception Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9121Structured Programming
Default Graph (primary)9001
CanFollow
Is
Issue
9123Class with an Excessive Inheritance Level
Default Graph (primary)9001
CanFollow
Pr
Practice
9124Layered Architectures
Default Graph (primary)9001
CanFollow
Pr
Practice
9131Error/Exception Handling
Default Graph (primary)9001
CanFollow
Is
Issue
9134Unconditional Control Flow Transfer outside of Switch Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9137Unrestricted Parameters
Default Graph (primary)9001
CanFollow
Is
Issue
9160Invokable Control Element with Excessive File or Data Access Operations
Default Graph (primary)9001
CanFollow
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Default Graph (primary)9001
CanFollow
Is
Issue
9185Excessive Cyclomatic Complexity Within an Invokable Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9220Excessive Use of Unconditional Branching
Default Graph (primary)9001
CanFollow
Is
Issue
9222Excessive Cyclomatic Complexity
Default Graph (primary)9001
CanFollow
Is
Issue
9223Excessive Halstead Complexity
Default Graph (primary)9001
CanFollow
Is
Issue
9224Excessive Use of Self-Modifying Code
Default Graph (primary)9001
CanFollow
Is
Issue
9225Excessively Deep Nesting
Default Graph (primary)9001
CanFollow
Is
Issue
9227Declaration of Variable with Unnecessarily Wide Scope
Default Graph (primary)9001
 
Denial of Service
Consequence ID: 9031 Maturity: Preliminary
+ Description

Description Summary

Denial of Service may result if resources are exhausted at the time which they are called upon.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
672Expired or Released Resource Usage
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
 
Erroneous Behaviors
Consequence ID: 9057 Maturity: Preliminary
+ Description

Description Summary

Unpredictable or erroneous behaviors may result when programming logic, data, or conditions interact in a way that is outside of expected functional parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
456Storable and Member Data Element Missing Initialization
Default Graph (primary)9001
CanFollow
Is
Issue
704Incorrect Type Conversion or Cast
Default Graph (primary)9001
CanFollow
Is
Issue
9062Invokable Control Element with Variadic Parameter Element
Default Graph (primary)9001
CanFollow
Is
Issue
9100Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Default Graph (primary)9001
CanFollow
Is
Issue
9102Missing Serialization Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9110Serializable Data Element Containing non-Serializable Item Elements
Default Graph (primary)9001
CanFollow
Is
Issue
9138Float Type Storable and Member Data Element Comparison with Equality Operator
Default Graph (primary)9001
CanFollow
Is
Issue
9156Class Instance Self Destruction Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9193Persistent Storable Data Element without Associated Comparison Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9194Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element
Default Graph (primary)9001
 
Excessive Modification Effort
Consequence ID: 9113 Maturity: Preliminary
+ Description

Description Summary

Excessive Modification Effort may result when code, documentation, or other conditions are too complex, disorderly, or non-sensical to be understood and modified in a timely or efficient manner.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Default Graph (primary)9001
CanFollow
Is
Issue
9011Use of Redundant Code
Default Graph (primary)9001
CanFollow
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Default Graph (primary)9001
CanFollow
Is
Issue
9060Multiple Inheritance from Concrete Classes
Default Graph (primary)9001
CanFollow
Is
Issue
9079Unreachable Invokable Control Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9088Reuse
Default Graph (primary)9001
CanFollow
Pr
Practice
9089Code Comments
Default Graph (primary)9001
CanFollow
Is
Issue
9123Class with an Excessive Inheritance Level
Default Graph9001
CanFollow
Pr
Practice
9124Layered Architectures
Default Graph (primary)9001
CanFollow
Pr
Practice
9131Error/Exception Handling
Default Graph (primary)9001
CanFollow
Is
Issue
9161Excessive Volume of Commented-out Code
Default Graph (primary)9001
CanFollow
Is
Issue
9165Class with Excessive Number of Child Classes
Default Graph (primary)9001
CanFollow
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Default Graph (primary)9001
CanFollow
Is
Issue
9225Excessively Deep Nesting
Default Graph9001
 
Excessive Propagation of Modification Impacts
Consequence ID: 9141 Maturity: Preliminary
+ Description

Description Summary

Excessive Propagation of Modification Impacts may result when modifications are used that cause complex outward dependencies, excess lines of code, or other unnecessarily complex behavior that impacts significant results downstream in the code.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Pr
Practice
9016Modular Development
Default Graph (primary)9001
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9024Callable and Method Control Element Number of Outward Calls
Default Graph (primary)9001
CanFollow
Is
Issue
9151Source Code File with Excessive Number of Lines of Code
Default Graph (primary)9001
CanFollow
Is
Issue
9190Loop Condition Value Update within the Loop
Default Graph (primary)9001
 
Excessive Resource Expenditure
Consequence ID: 9039 Maturity: Preliminary
+ Description

Description Summary

Excessive Resource Expenditure may result when code does not manage or utilize resources in an efficient manner.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9004Static Member Data Element outside of a Singleton Class Element
Default Graph (primary)9001
CanFollow
Is
Issue
9005Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Default Graph (primary)9001
CanFollow
Is
Issue
9014Creation of Immutable Text Using String Concatenation
Default Graph (primary)9001
CanFollow
Is
Issue
9027Excessive Data Query Operations in a Large Data Table
Default Graph (primary)9001
CanFollow
Is
Issue
9041Excessive Platform Resource Consumption within a Loop
Default Graph (primary)9001
CanFollow
Pr
Practice
9061Recursion
Default Graph (primary)9001
CanFollow
Is
Issue
9077Excessive Number of Data Accesses using Inefficient Procedures
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Is
Issue
9090Initialization within a Static Code Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9094Resource Bounds
Default Graph (primary)9001
CanFollow
Is
Issue
9103Excessive Execution of Sequential Searches of Data Resource
Default Graph (primary)9001
CanFollow
Pr
Practice
9105Data Access Constructs
Default Graph (primary)9001
CanFollow
Is
Issue
9112Allocation of Memory without Associated Release
Default Graph (primary)9001
CanFollow
Is
Issue
9116Data Resource Access without Use of Connection Pooling
Default Graph (primary)9001
CanFollow
Is
Issue
9122Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access
Default Graph (primary)9001
CanFollow
Pr
Practice
9144Resource Monitoring
Default Graph (primary)9001
CanFollow
Pr
Practice
9167Stored Procedures & Functions
Default Graph (primary)9001
CanFollow
Is
Issue
9175Excessive Number of Indices for a Large Data Table
Default Graph (primary)9001
CanFollow
Pr
Practice
9176Coding Practices
Default Graph (primary)9001
CanFollow
Is
Issue
9182Use of Data Element without Invoking Deconstructor Method
Default Graph (primary)9001
CanFollow
Is
Issue
9187Excessive Index Range Scan for a Data Resource
Default Graph (primary)9001
 
Execution of Arbitrary Code
Consequence ID: 9059 Maturity: Preliminary
+ Description

Description Summary

 
Exposed Functionality
Consequence ID: 9035 Maturity: Preliminary
+ Description

Description Summary

Exposed Functionality may result when the method or logic used in code, authentication, or other software components are exposed to unintended actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
 
Exposed Resources
Consequence ID: 9032 Maturity: Preliminary
+ Description

Description Summary

Exposed Resources may result when CPU cycles, memory, file data and other components are exposed to unintended actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
 
Failure
Consequence ID: 9143 Maturity: Preliminary
+ Description

Description Summary

Failure is a class of Consequences that includes any number of results due to unexpected parameters, conditions or logic during code execution.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
129Array Index Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
606Unchecked Input for Loop Condition
Default Graph (primary)9001
CanFollow
Is
Issue
672Expired or Released Resource Usage
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
CanFollow
Is
Issue
835Loop with Unreachable Exit Condition ('Infinite Loop')
Default Graph (primary)9001
CanFollow
Pr
Practice
9006OS Command Execution
Default Graph (primary)9001
CanFollow
Pr
Practice
9010Execution Status Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9026Remote System Call Blocking
Default Graph (primary)9001
CanFollow
Is
Issue
9042Initialization with Hard-Coded Network Resource Configuration Data
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9068Embedded Network Configuration
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Is
Issue
9173Synchronous Call Time-Out Absence
Default Graph (primary)9001
 
Increased (Access) Time
Consequence ID: 9140 Maturity: Preliminary
+ Description

Description Summary

Increased Access Time may result when code runs in an inefficient manner, resources are exhausted, or any number of conditions that take more than optimal cycles to complete.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9069Data Access Operations Outside of Expected Data Manager Component
Default Graph (primary)9001
CanFollow
Pr
Practice
9096Cache Maintenance
Default Graph (primary)9001
 
Information Disclosure
Consequence ID: 9189 Maturity: Preliminary
+ Description

Description Summary

Information Disclosure may result when sensitive data or feedback is unintentionally provided to unauthorized actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
134Format String Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
CanFollow
Pr
Practice
9129Output Formatting Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9183File Path Control
Default Graph (primary)9001
 
Livelock
Consequence ID: 9082 Maturity: Preliminary
+ Description

Description Summary

Livelock may result when processing is suspended while a resource's lock-state continues to change.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9070Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9172State Protection
Default Graph (primary)9001
CanFollow
Is
Issue
9192Singleton Class Instance Creation without Proper Lock Element Management
Default Graph (primary)9001
 
Loss of Data Integrity
Consequence ID: 9038 Maturity: Preliminary
+ Description

Description Summary

Loss of Data Integrity may result when accuracy and consistency of data degrades over its life-cycle, or when unexpectedly exposed to unauthorized actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
129Array Index Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
 
Math Error
Consequence ID: 9146 Maturity: Preliminary
+ Description

Description Summary

A Math Error may result when incorrect parameters are supplied to a mathematical function, the programming logic is incorrect in some way, or improper implementation of algorithms cause casting errors, precision errors, or other algorithmic errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
681Numeric Types Incorrect Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9170Initialization Practices
Default Graph (primary)9001
 
Memory Corruption
Consequence ID: 9022 Maturity: Preliminary
+ Description

Description Summary

Memory Corruption may result when array index bounds are not adhered to, or memory addresses are written to or modified directly.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
 
Poisoned Data Usage
Consequence ID: 9154 Maturity: Preliminary
+ Description

Description Summary

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
396Declaration of Catch for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
397Declaration of Throws for Generic Exception
Default Graph (primary)9001
 
Reduced Adaptability
Consequence ID: 9132 Maturity: Preliminary
+ Description

Description Summary

Adaptability may be reduced if variables are initialized or defined by hard-coded or set values embedded within the code.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9046Excessive Use of Hard-Coded Literals in Initialization
Default Graph (primary)9001
CanFollow
Pr
Practice
9142Hard-Coding
Default Graph (primary)9001
 
Resource Exhaustion
Consequence ID: 9177 Maturity: Preliminary
+ Description

Description Summary

Resource Exhaustion may result when a specific resource is expended and/or not replaced and remains unavailable.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
606Unchecked Input for Loop Condition
Default Graph (primary)9001
CanFollow
Is
Issue
674Uncontrolled Recursion
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
CanFollow
Is
Issue
788Memory Location Access After End of Buffer
Default Graph (primary)9001
CanFollow
Is
Issue
835Loop with Unreachable Exit Condition ('Infinite Loop')
Default Graph (primary)9001
CanFollow
Pr
Practice
9061Recursion
Default Graph (primary)9001
CanFollow
Pr
Practice
9080Resource Lifecycle
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9094Resource Bounds
Default Graph (primary)9001
CanFollow
Pr
Practice
9144Resource Monitoring
Default Graph (primary)9001
 
Security Vulnerabilities
Consequence ID: 9058 Maturity: Preliminary
+ Description

Description Summary

Security Vulnerabilities are a class of Consequences that includes any security-sensitive context that allows for code to perform outside of expected parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
456Storable and Member Data Element Missing Initialization
Default Graph (primary)9001
CanFollow
Is
Issue
681Numeric Types Incorrect Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9129Output Formatting Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9170Initialization Practices
Default Graph (primary)9001
 
Unauthorized Access to Sensitive Information
Consequence ID: 9152 Maturity: Preliminary
+ Description

Description Summary

Unauthorized Access to Sensitive Information may result when improper access controls are implemented, resulting in data leaks or unauthorized parties accessing information.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
22Path Traversal Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
79Cross-site Scripting Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
89SQL Injection Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
99Name or Reference Resolution Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
129Array Index Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
327Broken or Risky Cryptographic Algorithm Usage
Default Graph (primary)9001
CanFollow
Is
Issue
672Expired or Released Resource Usage
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9003SQL Command Execution
Default Graph (primary)9001
CanFollow
Pr
Practice
9006OS Command Execution
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
CanFollow
Pr
Practice
9097Output Generation
Default Graph (primary)9001
CanFollow
Pr
Practice
9127Resource Identification Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9136Cryptography
Default Graph (primary)9001
CanFollow
Pr
Practice
9183File Path Control
Default Graph (primary)9001
 
Unauthorized Code Execution
Consequence ID: 9030 Maturity: Preliminary
+ Description

Description Summary

Unauthorized Code Execution may result when improper access controls are implemented, resulting in code being executed by unprivileged actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
78OS Command Injection Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Pr
Practice
9006OS Command Execution
Default Graph (primary)9001
CanFollow
Pr
Practice
9006OS Command Execution
Default Graph (primary)9001
 
Unexpected Behaviors
Consequence ID: 9168 Maturity: Preliminary
+ Description

Description Summary

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
456Storable and Member Data Element Missing Initialization
Default Graph (primary)9001
CanFollow
Is
Issue
704Incorrect Type Conversion or Cast
Default Graph (primary)9001
CanFollow
Is
Issue
9013Child Class Element without Virtual Destructor unlike its Parent Class Element
Default Graph (primary)9001
CanFollow
Is
Issue
9062Invokable Control Element with Variadic Parameter Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9076Data Integrity Management
Default Graph (primary)9001
CanFollow
Is
Issue
9087Parent Class Element with References to Child Class Element
Default Graph (primary)9001
CanFollow
Is
Issue
9100Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Default Graph (primary)9001
CanFollow
Is
Issue
9102Missing Serialization Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9110Serializable Data Element Containing non-Serializable Item Elements
Default Graph (primary)9001
CanFollow
Is
Issue
9138Float Type Storable and Member Data Element Comparison with Equality Operator
Default Graph (primary)9001
CanFollow
Is
Issue
9147Parent Class Element without Virtual Destructor Method Element
Default Graph (primary)9001
CanFollow
Is
Issue
9156Class Instance Self Destruction Control Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9157Inheritance and Polymorphism
Default Graph (primary)9001
CanFollow
Is
Issue
9159Data Access Control Element from Outside Designated Data Manager Component
Default Graph (primary)9001
CanFollow
Is
Issue
9166Class Element with Virtual Method Element without Virtual Destructor
Default Graph (primary)9001
CanFollow
Is
Issue
9193Persistent Storable Data Element without Associated Comparison Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9194Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element
Default Graph (primary)9001
Page Last Updated or Reviewed: October 01, 2017