CQE - CQE-9152: Unauthorized Access to Sensitive Information (Draft 0.9)

	Common Quality Enumeration A Community-Developed Dictionary of Quality Issues
Home \| CQE List \| About CQE
Search by ID:

CQE-9152: Unauthorized Access to Sensitive Information

Unauthorized Access to Sensitive Information

[an error occurred while processing this directive] Definition in a New Window

Consequence ID: 9152

Maturity: Preliminary

Description

Description Summary

Unauthorized Access to Sensitive Information may result when improper access controls are implemented, resulting in data leaks or unauthorized parties accessing information.

Relationships

Nature	Type	ID	Name	View(s) this relationship pertains to View
CanFollow	Is Issue	22	Path Traversal Improper Input Neutralization	Default Graph (primary)9001
CanFollow	Is Issue	79	Cross-site Scripting Improper Input Neutralization	Default Graph (primary)9001
CanFollow	Is Issue	89	SQL Injection Improper Input Neutralization	Default Graph (primary)9001
CanFollow	Is Issue	99	Name or Reference Resolution Improper Input Neutralization	Default Graph (primary)9001
CanFollow	Is Issue	120	Buffer Copy without Checking Size of Input	Default Graph (primary)9001
CanFollow	Is Issue	129	Array Index Improper Input Neutralization	Default Graph (primary)9001
CanFollow	Is Issue	327	Broken or Risky Cryptographic Algorithm Usage	Default Graph (primary)9001
CanFollow	Is Issue	672	Expired or Released Resource Usage	Default Graph (primary)9001
CanFollow	Is Issue	772	Missing Release of Resource after Effective Lifetime	Default Graph (primary)9001
CanFollow	Is Issue	789	Uncontrolled Memory Allocation	Default Graph (primary)9001
CanFollow	Is Issue	798	Hard-Coded Credentials Usage for Remote Authentication	Default Graph (primary)9001
CanFollow	Pr Practice	9003	SQL Command Execution	Default Graph (primary)9001
CanFollow	Pr Practice	9006	OS Command Execution	Default Graph (primary)9001
CanFollow	Pr Practice	9049	Array Indexing	Default Graph (primary)9001
CanFollow	Pr Practice	9063	Authentication Practices	Default Graph (primary)9001
CanFollow	Pr Practice	9078	Memory Management	Default Graph (primary)9001
CanFollow	Pr Practice	9097	Output Generation	Default Graph (primary)9001
CanFollow	Pr Practice	9127	Resource Identification Control	Default Graph (primary)9001
CanFollow	Pr Practice	9136	Cryptography	Default Graph (primary)9001
CanFollow	Pr Practice	9183	File Path Control	Default Graph (primary)9001


	This Web site is sponsored and managed by The MITRE Corporation to enable stakeholder collaboration. Copyright © 2006-2024, The MITRE Corporation. CQE, CWE, and the CQE logo are trademarks of The MITRE Corporation. Contact cqe@mitre.org for more information.	Privacy policy Terms of use Contact us

Common Quality Enumeration

CQE-9152: Unauthorized Access to Sensitive Information