CWE-767

Access to Critical Private Variable via Public Method

The product defines a public method that reads or modifies a private variable.

Mitigation

Phase: Implementation

Description:

  • Use class accessor and mutator methods appropriately. Perform validation when accepting data from a public method that is intended to modify a critical private variable. Also be sure that appropriate access controls are being applied when a public method interfaces with critical data.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page