Statements (26)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
gptkbp:affects |
gptkb:software
|
gptkbp:canBe |
malicious input
|
gptkbp:category |
Software weakness
|
gptkbp:cause |
data breach
privilege escalation arbitrary command execution |
gptkbp:citation |
https://cwe.mitre.org/data/definitions/78.html
|
gptkbp:describes |
OS command injection vulnerability
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-78
|
gptkbp:name |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
|
gptkbp:partOf |
gptkb:CWE
|
gptkbp:prevention |
input validation
least privilege principle use of safe APIs |
gptkbp:relatedTo |
gptkb:CWE-77
gptkb:CWE-89 CWE-88 |
gptkbp:vulnerableTo |
78
|
gptkbp:bfsParent |
gptkb:CVE-2017-17215
gptkb:CVE-2022-25076 gptkb:CVE-2022-25078 gptkb:CWE gptkb:CVE-2014-6271 gptkb:CVE-2014-7169 |
gptkbp:bfsLayer |
7
|