CWE · MITRE source
CWE-610Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (1)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SI-22 | Information Diversity | SI | Limits impact of an externally controlled reference to a primary information resource by switching to an identified alternative. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2022-27593 KEV | 9.6 | 10.0 | 0.9312 | 2022-09-08 |
CVE-2020-5412 | 6.8 | 6.5 | 0.9236 | 2020-08-07 |
CVE-2022-2633 | 6.8 | 7.5 | 0.8835 | 2022-09-06 |
CVE-2017-18357 | 4.7 | 6.5 | 0.5729 | 2019-01-15 |
CVE-2025-0111 KEV | 3.5 | 6.5 | 0.0369 | 2025-02-12 |
CVE-2023-30943 | 2.9 | 6.5 | 0.2676 | 2023-05-02 |
CVE-2022-2431 | 2.6 | 8.1 | 0.1714 | 2022-09-06 |
CVE-2017-0211 | 2.4 | 5.5 | 0.2234 | 2017-04-12 |
CVE-2021-27648 | 2.4 | 9.0 | 0.0989 | 2021-04-28 |
CVE-2024-10979 | 2.2 | 8.8 | 0.0686 | 2024-11-14 |
CVE-2017-16088 | 2.1 | 10.0 | 0.0206 | 2018-06-07 |
CVE-2020-14057 | 2.1 | 9.8 | 0.0307 | 2020-07-01 |
CVE-2024-47773 | 2.1 | 8.2 | 0.0785 | 2024-10-08 |
CVE-2019-7290 | 2.0 | 10.0 | 0.0052 | 2019-12-18 |
CVE-2020-9752 | 2.0 | 9.8 | 0.0050 | 2020-03-23 |
CVE-2021-43685 | 2.0 | 9.8 | 0.0043 | 2021-12-01 |
CVE-2021-44041 | 2.0 | 9.8 | 0.0083 | 2021-12-14 |
CVE-2022-20239 | 2.0 | 9.8 | 0.0008 | 2022-08-10 |
CVE-2022-39206 | 2.0 | 9.9 | 0.0105 | 2022-09-13 |
CVE-2024-24760 | 2.0 | 8.8 | 0.0405 | 2024-02-02 |
CVE-2025-22144 | 2.0 | 9.8 | 0.0035 | 2025-01-13 |
CVE-2021-43844 | 1.9 | 8.8 | 0.0250 | 2021-12-20 |
CVE-2020-25161 | 1.8 | 8.8 | 0.0063 | 2021-02-23 |
CVE-2021-30245 | 1.8 | 8.8 | 0.0040 | 2021-04-15 |
CVE-2021-41244 | 1.8 | 9.1 | 0.0049 | 2021-11-15 |