Base · Medium

CWE-487: Reliance on Package-level Scope

Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.


Description


The purpose of package scope is to prevent accidental access by other parts of a program. This is an ease-of-software-development feature but not a security feature.

Potential Impact

Confidentiality

Read Application Data

Integrity

Modify Application Data

Demonstrative Examples

The following example demonstrates the weakness: the author believes the method is hidden because it lives in the "math" package, but package scope is not an access-control boundary.
Bad
package math;

public class Lebesgue implements Integration {
    // Package-private on purpose: the author assumes only code inside "math"
    // can call this, but any class that declares "package math;" gets the same
    // access. Integration is assumed to be a marker interface declared elsewhere.
    static final String youAreHidingThisFunction(String functionToIntegrate) {
        return "integral of " + functionToIntegrate; // placeholder body
    }
}

Mitigations & Prevention

Phases: Architecture and Design; Implementation

Data should be private, static and final whenever possible. Declaring it that way initializes it once at class-loading time and prevents code outside the class from reading or tampering with it, so the protection no longer depends on which package the caller belongs to.
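The following is an added example, not code from the CWE entry: a class that relies on package scope, a second compilation unit (imagined as shipping in a different JAR) that simply declares the same package name to reach the "hidden" members, and the mitigated form that uses private static final data and a public, narrowly scoped method. All class, field and method names are assumed for illustration.

```java
// File: math/Lebesgue.java  (weak: relies on package-level scope)
package math;

public class Lebesgue {
    // Package-private: reachable from ANY class that declares "package math;",
    // including classes compiled separately and loaded from another JAR.
    static String integrationSeed = "constructed-secret-seed";

    static String youAreHidingThisFunction(String functionToIntegrate) {
        return "integral(" + functionToIntegrate + ") seeded with " + integrationSeed;
    }
}

// File: math/SamePackageElsewhere.java  (separate JAR, same package name)
package math;

public class SamePackageElsewhere {
    public static void main(String[] args) {
        // Compiles and runs: package scope grants this class full access to the
        // package-private field and method above, so the data can be both read
        // (Read Application Data) and modified (Modify Application Data).
        Lebesgue.integrationSeed = "tampered";
        System.out.println(Lebesgue.youAreHidingThisFunction("x^2"));
    }
}

// File: math/LebesgueHardened.java  (mitigated)
package math;

public final class LebesgueHardened {
    // private static final: initialized once at class-load time, never
    // reassignable, and invisible to every other class regardless of package.
    private static final String INTEGRATION_SEED = "constructed-secret-seed";

    private LebesgueHardened() { } // no instances needed; prevents subclassing tricks

    // The only entry point is an explicit public method whose contract is
    // deliberately chosen, rather than whatever package scope happens to expose.
    public static String integrate(String functionToIntegrate) {
        return "integral(" + functionToIntegrate + ") seeded with " + INTEGRATION_SEED;
    }
}
```

On the packaging side, marking the JAR's packages as sealed (`Sealed: true` in the manifest) or moving to the Java module system, which forbids split packages, stops separately compiled classes from joining the package at all; that is defence in depth, not a replacement for proper access modifiers.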

Detection Methods

  • Automated Static Analysis — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea

Taxonomy Mappings

  • CLASP — Relying on package-level scope
  • The CERT Oracle Secure Coding Standard for Java (2011): MET04-J — Do not increase the accessibility of overridden or hidden methods

Frequently Asked Questions

What is CWE-487?

CWE-487 (Reliance on Package-level Scope) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.

How can CWE-487 be exploited?

Attackers can exploit CWE-487 (Reliance on Package-level Scope) to read application data. This weakness is typically introduced during the Implementation phase of software development.

How do I prevent CWE-487?

Key mitigations include: Data should be private static and final whenever possible. This will assure that your code is protected by instantiating early, preventing access and tampering.

What is the severity of CWE-487?

CWE-487 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.