CWE-1386
Overview
- CWE ID
- 1386
- CWE Name
- Insecure Operation on Windows Junction / Mount Point
- CWE Abstraction
- Base
- CWE structure
- Simple
- CWE Status
- Incomplete
Description
The software opens a file or directory, but it does not properly prevent the name from being associated with a junction or mount point to a destination that is outside of the intended control sphere.
Extended Description
Related CWEs
| CWE ID | View ID | Nature | Ordinal |
|---|---|---|---|
| 59 | 1000 | ChildOf | Primary |