CME-1307

Command Injection Prevention (No Shell Invocation)

Description

The application avoids invoking shell commands with user-controlled input. It uses direct process execution (e.g. subprocess with a list of arguments and no shell=True) or purpose-built libraries instead of shell pipelines. When shell interaction is unavoidable, it applies strict allowlist validation to every input that reaches the command.
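An added illustration of the before/after pattern above (example code, not part of the original entry): the string-building form a shell would parse, next to the list-argument form with an allowlist check. The hostname regex and the use of the Python interpreter as a harmless child process are assumptions made so the example runs anywhere.

```python
import re
import subprocess
import sys

# Assumed allowlist: plain hostnames / IPv4 literals only. Tighten or loosen
# this for the real input domain; the point is that it admits no metacharacters.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")


def is_allowed_host(host: str) -> bool:
    """True only if the whole string matches the allowlist pattern."""
    return HOSTNAME_RE.fullmatch(host) is not None


def build_vulnerable_command(host: str) -> str:
    # BEFORE (the pattern this countermeasure forbids): user input is spliced
    # into one string that a shell parses, so ';', '|', '$()' and friends are
    # read as shell syntax instead of data. Never pass this to shell=True.
    return f"ping -c 1 {host}"


def build_safe_argv(host: str) -> list[str]:
    # AFTER: input is validated, then becomes exactly one argv element.
    # No shell is involved, so the string is never re-parsed.
    if not is_allowed_host(host):
        raise ValueError(f"rejected host argument: {host!r}")
    return ["ping", "-c", "1", host]


def echo_argument_without_shell(arg: str) -> str:
    """Hand arg to a child process as a single argv entry and return what it saw.

    The child is the running Python interpreter (harmless, always present), so
    the demonstration is: metacharacters arrive unchanged, nothing is executed.
    """
    result = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1], end='')", arg],
        capture_output=True, text=True, check=True,
    )
    return result.stdout


if __name__ == "__main__":
    hostile = "example.com; id"  # constructed hostile input
    print(build_vulnerable_command(hostile))      # a shell would run 'id' too
    print(echo_argument_without_shell(hostile))   # child sees the literal text
    print(is_allowed_host(hostile))               # False: rejected before use
    print(build_safe_argv("example.com"))
```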

CVSS Vector Impacts

Metric                  Transition  Rationale
Attack Complexity (AC)  L -> H      Shell metacharacters in user input have no effect; arguments are passed as an array, not a string
Integrity (I)           H -> L      Cannot execute arbitrary system commands via injection
Scope (S)               C -> U      Application cannot be leveraged to run commands on the host OS

CWE Relationships

Verification

Verify that no shell=True call receives user-controlled input and that there are no os.system() or os.popen() calls. The grep below is a first pass; review each hit to confirm whether user-controlled data can reach it.

$ grep -rn 'shell=True\|os.system\|os.popen' <app_source>/
# Expected: No shell invocations with user-controlled input
Platform: any