AffectedResourcesType is The AffectedResourcesType complex type is used to identify system resources that can be affected by an exploit of this weakness.

AlternateTerm ...

AlternateTermsType is The AlternateTermsType complex type indicates one or more other names used to describe this weakness.

ApplicablePlatformsType is The ApplicablePlatformsType complex type specifies the languages, operating systems, architectures, and technologies in which a given weakness could appear.

Architecture ...

AudienceType is The AudienceType complex type provides a reference to the target stakeholders or groups for a view.

BackgroundDetailsType is The BackgroundDetailsType complex type contains one or more Background_Detail elements, each of which contains information that is relevant but not related to the nature of the weakness itself.

Categories ...

CategoryType is The required ID attribute provides a unique identifier for the category.

CommonConsequencesType is The optional Consequence_ID attribute is used by the internal CWE team to uniquely identify examples that are repeated across any number of individual weaknesses.

Consequence ...

ContentHistoryType is The ContentHistoryType complex type provides elements to keep track of the original author of an entry and any subsequent modifications to the content.

Contribution ...

DemonstrativeExample ...

DemonstrativeExamplesType is The optional Demonstrative_Example_ID attribute is used by the internal CWE team to uniquely identify examples that are repeated across any number of individual weaknesses.

DetectionMethod ...

DetectionMethodsType is The optional Detection_Method_ID attribute is used by the internal CWE team to uniquely identify methods that are repeated across any number of individual weaknesses.

ExploitationFactorsType is The ExploitationFactorsType complex type points out conditions or factors that could increase the likelihood of exploit for this weakness.

ExternalReferences ...

ExternalReferenceType is The required Reference_ID attribute exists to provide a globally unique identifier for the reference (e.g., REF-1).

FunctionalAreasType is The FunctionalAreasType complex type contains one or more functional_area elements, each of which identifies the functional area in which the weakness is most likely to occur.

Introduction ...

Language ...

MappingNotesType is The MappingNotesType complex type provides guidance for when (and whether) to map an issue to this CWE entry or to suggest alternatives.

MemberType is The MemberType complex type may be used to establish a Has_Member or Member_Of type relationship within the designated View_ID.

Mitigation ...

ModesOfIntroductionType is The ModeOfIntroductionType complex type is used to provide information about how and when a given weakness may be introduced.

Modification ...

Note ...

NotesType is The NotesType complex type contains one or more Note elements, each of which is used to provide any additional comments about an entry that cannot be captured using other elements.

ObservedExample ...

ObservedExampleType is The ObservedExampleType complex type specifies references to a specific observed instance of a weakness in real-world products.

OperatingSystem ...

PotentialMitigationsType is The optional Mitigation_ID attribute is used by the internal CWE team to uniquely identify mitigations that are repeated across any number of individual weaknesses.

PreviousEntryName ...

Reason ...

ReasonsType is The ReasonsType complex type is used to identify the different reasons to why a CWE should not be considered.

Reference ...

ReferencesType is The ReferencesType complex type contains one or more reference elements, each of which is used to link to an external reference defined within the catalog.

RelatedAttackPattern ...

RelatedAttackPatternsType is The RelatedAttackPatternsType complex type contains references to attack patterns associated with this weakness.

RelatedWeakness ...

RelatedWeaknessesType is The RelatedWeaknessesType complex type is used to refer to other weaknesses that differ only in their level of abstraction.

RelationshipsType is The RelationshipsType complex type provides elements to show the associated relationships with a given view or category.

Stakeholder ...

StructuredCodeType is The StructuredCodeType complex type is used to present source code examples and other structured text that is not a regular paragraph.

StructuredTextType is The StructuredTextType complex type is used to allow XHTML content embedded within standard string data.

Submission ...

Suggestion ...

SuggestionsType is The SuggestionsType complex type is used to suggest other CWE entries that might be more appropriate to use for mapping.

TaxonomyMapping ...

TaxonomyMappingsType is The TaxonomyMappingsType complex type is used to provide a mapping from an entry (Weakness or Category) in CWE to an equivalent entry in a different taxonomy.

Technology ...

Views ...

ViewType is The required ID attribute provides a unique identifier for the view.

WeaknessCatalog ...

Weaknesses ...

WeaknessOrdinalitiesType is The WeaknessOrdinalitiesType complex type indicates potential ordering relationships with other weaknesses.

WeaknessOrdinality ...

WeaknessType is The required ID attribute provides a unique identifier for the entry.

AbstractionEnumeration is The AbstractionEnumeration simple type defines the different abstraction levels that apply to a weakness.

ArchitectureClassEnumeration is Used to indicate that the entry is not limited to a small set of architectures, i.e., it can appear in many different architectures.

ArchitectureNameEnumeration is The ArchitectureNameEnumeration simple type contains a list of values corresponding to known architectures.

DetectionEffectivenessEnumeration is Used to indicate that according to the IATAC State Of the Art Report (SOAR), the detection method is partially effective.

DetectionMethodEnumeration is The DetectionMethodEnumeration simple type defines the different methods used to detect a weakness.

EffectivenessEnumeration is The EffectivenessEnumeration simple type defines the different values related to how effective a mitigation may be in preventing the weakness.

FunctionalAreaEnumeration is Used to indicate that the entry is not limited to a small set of functional areas, i.e., it can appear in many different functional areas.

ImportanceEnumeration is The ImportanceEnumeration simple type lists different values for importance.

LanguageClassEnumeration is Used to indicate that the entry is not limited to a small set of language classes, i.e., it can appear in many different language classes.

LanguageNameEnumeration is The LanguageNameEnumeration simple type contains a list of values corresponding to different source code languages or data formats.

LikelihoodEnumeration is The LikelihoodEnumeration simple type contains a list of values corresponding to different likelihoods.

MitigationStrategyEnumeration is The MitigationStrategyEnumeration simple type lists general strategies for protecting a system to which a mitigation contributes.

NoteTypeEnumeration is The NoteTypeEnumeration simple type defines the different types of notes that can be associated with a weakness.

OperatingSystemClassEnumeration is Used to indicate that the entry is not limited to a small set of operating system classes, i.e., it can appear in many different operating system classes.

OperatingSystemNameEnumeration is The OperatingSystemNameEnumeration simple type contains a list of values corresponding to different operating systems.

OrdinalEnumeration is The OrdinalEnumeration simple type contains a list of values used to determine if a relationship is the primary relationship for a given weakness entry within a given view.

OrdinalityEnumeration is The OrdinalityEnumeration simple type contains a list of values used to indicates potential ordering relationships with other weaknesses.

PhaseEnumeration is The PhaseEnumeration simple type lists different phases in the product life cycle.

PrevalenceEnumeration is The PrevalenceEnumeration simple type defines the different regularities that guide the applicability of platforms.

ReasonEnumeration is The ReasonEnumeration simple type holds all the different types of reasons to why a CWE might not be considered for mapping.

RelatedNatureEnumeration is The RelatedNatureEnumeration simple type defines the different values that can be used to define the nature of a related weakness.

ResourceEnumeration is The ResourceEnumeration simple type defines different resources of a system.

ScopeEnumeration is The ScopeEnumeration simple type defines the different areas of security that can be affected by exploiting a weakness.

StakeholderEnumeration is The StakeholderEnumeration simple type defines the different types of users within the CWE community.

StatusEnumeration is The StatusEnumeration simple type defines the different status values that an entity (view, category, weakness) can have.

StructuredCodeNatureEnumeration is The StructuredCodeNatureEnumeration sinple type defines the different values that state what type of code is being shown in an eample.

StructureEnumeration is The StructureEnumeration simple type lists the different structural natures of a weakness.

TaxonomyMappingFitEnumeration is The TaxonomyMappingFitEnumeration simple type defines the different values used to describe how close a certain mapping to CWE is.

TaxonomyNameEnumeration is The TaxonomyNameEnumeration simple type lists the different known taxomomies that can be mapped to CWE.

TechnicalImpactEnumeration is The TechnicalImpactEnumeration simple type describes the technical impacts that can arise if an adversary successfully exploits a weakness.

TechnologyClassEnumeration is Used to indicate that the entry is not limited to a small set of technologies, i.e., it can appear in many different technologies.

TechnologyNameEnumeration is hardware Intellectual Property (IP) designed to verify functionality and identify root cause of defects: JTAG, BIST, boundary scan, pattern generator, etc.

UsageEnumeration is this CWE ID could be used to map to real-world vulnerabilities in limited situations requiring careful review.

ViewTypeEnumeration is The ViewTypeEnumeration simple type defines the different types of views that can be found within CWE.