Improper Enforcement of Message or Data Structure
Description The software does not enforce or incorrectly enforces that structured messages or data are well-formed before being read from an upstream component or sent to a downstream component. Extended DescriptionIf a message is malformed it may cause the message to be incorrectly interpreted.This weakness typically applies in cases where the product prepares a control message that another process must act on, such as a command or query, and malicious input that was intended as data, can enter the control plane instead. However, this weakness also applies to more general cases where there are not always control implications. Applicable PlatformsLanguage Class: All Time Of Introduction
Related Attack Patterns
Common Consequences
Detection MethodsNone Potential MitigationsNone Relationships
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy MappingsNone References:None |