The software does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.
Time of Introduction
Architecture and Design
Technical Impact: Varies by context; Unexpected state
The classification under CWE-697 is imprecise. Since this entry does not cover specific causes for why proper state is not identified, it needs deeper investigation. It is probably more like a category.