CWE-1061: Insufficient Encapsulation
Description
The product does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.
Submission Date :
July 29, 2018, midnight
Modification Date :
2023-10-26 00:00:00+00:00
Organization :
MITRE
Extended Description
This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
Related Weaknesses
This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.
CWE-710: Improper Adherence to Coding Standards
CWE-766: Critical Data Element Declared Public
CWE-1054: Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
CWE-1057: Data Access Operations Outside of Expected Data Manager Component
CWE-1062: Parent Class with References to Child Class
CWE-1083: Data Access from Outside Expected Data Manager Component
CWE-1090: Method Containing Access of a Member Element from Another Class
CWE-1100: Insufficient Isolation of System-Dependent Functions
CWE-1105: Insufficient Encapsulation of Machine-Dependent Functionality
Visit http://cwe.mitre.org/ for more details.