CWE-1084 具有过多文件或数据访问操作的可调用控件元素
Invokable Control Element with Excessive File or Data Access Operations
结构: Simple
Abstraction: Base
状态: Incomplete
被利用可能性: unkown
基本描述
A function or method contains too many operations that utilize a data manager or file resource.
扩展描述
This issue makes it more difficult to maintain the software, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
While the interpetation of "too many operations" may vary for each product or developer, CISQ recommends a default maximum of 7 operations for the same data manager or file.
相关缺陷
-
cwe_Nature: ChildOf cwe_CWE_ID: 405 cwe_View_ID: 1000 cwe_Ordinal: Primary
-
cwe_Nature: ChildOf cwe_CWE_ID: 405 cwe_View_ID: 699 cwe_Ordinal: Primary
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Other | Reduce Maintainability |
分类映射
| 映射的分类名 | ImNode ID | Fit | Mapped Node Name |
|---|---|---|---|
| OMG ASCMM | ASCMM-MNT-14 |