The product declares a critical variable, field, or member to be public when intended security policy requires it to be private.
Extended description
Best practices to prevent this CWE
Phase: Implementation
Data should be private, static, and final whenever possible. This will assure that your code is protected by instantiating early, preventing access, and preventing tampering.