CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE CATEGORY: Inadvertently Introduced Weakness

Category ID: 518
Status: Incomplete
+ Description

Description Summary

The software contains a weakness that was inadvertently introduced by the developer.

Extended Description

Inadvertent flaws may occur in requirements; they may also find their way into software during specification and coding. Although many of these are detected and removed through testing, some flaws can remain undetected and later cause problems during operation and maintenance of the software system. For a software system composed of many modules and involving many programmers, flaws are often difficult to find and correct because module interfaces are inadequately documented and global variables are used. The lack of documentation is especially troublesome during maintenance when attempts to fix existing flaws often generate new flaws because maintainers lack understanding of the system as a whole. Although inadvertent flaws do not usually pose an immediate threat to the security of the system, the weakness resulting from a flaw may be exploited by an intruder (see case D1).

+ Time of Introduction
  • Operation
  • Architecture and Design
  • Implementation
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class514Covert Channel
Development Concepts (primary)699
MemberOfViewView699Development Concepts
Development Concepts (primary)699
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
LandwehrInadvertent
+ Maintenance Notes

This entry is being considered for deprecation. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. It cannot be deprecated until after the CWE team has reviewed whether other CWE elements are appropriately capturing the "location" in which the weaknesses are introduced.

+ Content History
Submissions
Submission DateSubmitterOrganizationSource
LandwehrExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2008-10-14CWE Content TeamMITREInternal
updated Description
2009-07-27CWE Content TeamMITREInternal
updated Relationships
2017-01-19CWE Content TeamMITREInternal
updated Maintenance_Notes, Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-01-30Inadvertent

More information is available — Please select a different filter.
Page Last Updated: January 18, 2017