CWE-706

Use of Incorrectly-Resolved Name or Reference

Class

What it is

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

Impact

Confidentiality, Integrity

Read Application Data, Modify Application Data

Related weaknesses

CWE-664 (childof)CWE-99 (peerof)

Test & detect

Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.

Source: MITRE CWE. View on cwe.mitre.org →