CWE-767: Access to Critical Private Variable via Public Method

BaseIncomplete

The product defines a public method that reads or modifies a private variable.

View on MITRE
Back to CWE Lookup

Extended Description

If an attacker modifies the variable to contain unexpected values, this could violate assumptions from other parts of the code. Additionally, if an attacker can read the private variable, it may expose sensitive information or make it easier to launch further attacks.

Technical Details

Structure
Simple

Applicable To

Languages
C++C#Java
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-767

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references

CWE-767: Access to Critical Private Variable via Public Method | CWE Lookup | Inventive HQ