CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > VIEW SLICE: CWE-604: Deprecated Entries (2.10)  
ID

CWE VIEW: Deprecated Entries

View ID: 604
Structure: Implicit Slice
Status: Draft
Presentation Filter:
+ View Data

View Objective

CWE nodes in this view (slice) have been deprecated. There should be a reference pointing to the replacement in each deprecated weakness.

View Filter: .//@Status='Deprecated'

+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, View_Structure
2008-11-24CWE Content TeamMITREInternal
updated Name, Relationships
2009-05-27CWE Content TeamMITREInternal
updated Relationships
2009-07-27CWE Content TeamMITREInternal
updated Relationships
2009-08-28CWE Content TeamMITREInternal
changed explicit member list to implicit filter
2009-10-29CWE Content TeamMITREInternal
updated Relationships, View_Filter, View_Structure
Previous Entry Names
Change DatePrevious Entry Name
2008-11-24Deprecated
+ View Metrics
CWEs in this viewTotal CWEs
Total15out of1005
Views0out of33
Categories2out of244
Weaknesses13out of720
Compound_Elements0out of8
View Components
View Components
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

CWE-516: DEPRECATED (Duplicate): Covert Timing Channel

Weakness ID: 516
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness can be found at CWE-385.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2009-10-29CWE Content TeamMITREInternal
updated Relationships

CWE-218: DEPRECATED (Duplicate): Failure to provide confidentiality for stored data

Weakness ID: 218
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness has been deprecated because it was a duplicate of CWE-493. All content has been transferred to CWE-493.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Alternate_Terms, Applicable_Platforms, Common_Consequences, Description, Likelihood_of_Exploit, Name, Relationships, Type
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-09-09Failure to Provide Confidentiality for Stored Data

CWE-225: DEPRECATED (Duplicate): General Information Management Problems

Weakness ID: 225
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness can be found at CWE-199.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2009-10-29CWE Content TeamMITREInternal
updated Relationships

CWE-443: DEPRECATED (Duplicate): HTTP response splitting

Weakness ID: 443
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness can be found at CWE-113.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2009-10-29CWE Content TeamMITREInternal
updated Relationships

CWE-132: DEPRECATED (Duplicate): Miscalculated Null Termination

Weakness ID: 132
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable_Platforms, Causal_Nature, Common_Consequences, Description, Likelihood_of_Exploit, Name, Relationships, Type
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-09-09Miscalculated Null Termination

CWE-423: DEPRECATED (Duplicate): Proxied Trusted Channel

Weakness ID: 423
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated because it was a duplicate of CWE-441. All content has been transferred to CWE-441.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential_Mitigations, Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other_Notes, Taxonomy_Mappings
2008-11-05CWE Content TeamMITREInternal
deprecated this entry as a duplicate of 441
2008-11-24CWE Content TeamMITREInternal
updated Applicable_Platforms, Description, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-11-24Proxied Trusted Channel

CWE-247: DEPRECATED (Duplicate): Reliance on DNS Lookups in a Security Decision

Weakness ID: 247
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350.
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
Software Fault PatternsSFP29Faulty endpoint authentication
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
7 Pernicious KingdomsExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other_Notes, Taxonomy_Mappings
2009-05-27CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2009-07-27CWE Content TeamMITREInternal
updated Demonstrative_Examples
2010-02-16CWE Content TeamMITREInternal
updated Relationships
2010-04-05CWE Content TeamMITREInternal
updated Related_Attack_Patterns
2010-09-27CWE Content TeamMITREInternal
updated Potential_Mitigations
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Demonstrative_Examples, References, Relationships
2013-06-23
(Critical)
CWE Content TeamMITREInternal
CWE-247 and CWE-292 deprecated and merged into CWE-350 to address duplicates.
2013-07-17CWE Content TeamMITREInternal
updated Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Name, Other_Notes, Potential_Mitigations, References, Related_Attack_Patterns, Relationships, Time_of_Introduction, Type
2014-07-30CWE Content TeamMITREInternal
updated Taxonomy_Mappings
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Often Misused: Authentication
2013-07-17Reliance on DNS Lookups in a Security Decision

CWE-292: DEPRECATED (Duplicate): Trusting Self-reported DNS Name

Weakness ID: 292
Deprecated Abstraction: Variant
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350.
+ Likelihood of Exploit

High

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
Software Fault PatternsSFP29Faulty endpoint authentication
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2009-05-27CWE Content TeamMITREInternal
updated Demonstrative_Examples
2009-10-29CWE Content TeamMITREInternal
updated Observed_Examples
2010-09-27CWE Content TeamMITREInternal
updated Potential_Mitigations
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Demonstrative_Examples, Relationships
2013-06-23
(Critical)
CWE Content TeamMITREInternal
CWE-247 and CWE-292 deprecated and merged into CWE-350 to address duplicates.
2013-07-17CWE Content TeamMITREInternal
updated Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Name, Observed_Examples, Other_Notes, Potential_Mitigations, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
2014-07-30CWE Content TeamMITREInternal
updated Taxonomy_Mappings
Previous Entry Names
Change DatePrevious Entry Name
2013-07-17Trusting Self-reported DNS Name

CWE-217: DEPRECATED: Failure to Protect Stored Data from Modification

Weakness ID: 217
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness has been deprecated because it incorporated and confused multiple weaknesses. The issues formerly covered in this weakness can be found at CWE-766 and CWE-767.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2009-05-20CWE Content TeamMITREInternal
deprecated this entry in favor of new entries which focus on the multiple weaknesses formerly described here, CWE-766 and CWE-767
2009-05-27CWE Content TeamMITREInternal
updated Alternate_Terms, Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Likelihood_of_Exploit, Name, Other_Notes, Potential_Mitigations, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2009-05-27Failure to Protect Stored Data from Modification

CWE CATEGORY: DEPRECATED: General Special Element Problems

Category ID: 139
Deprecated
Status: Deprecated
+ Description

Description Summary

This entry has been deprecated. It is a leftover from PLOVER, but CWE-138 is a more appropriate mapping.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Applicable_Platforms, Description, Functional_Areas, Name, Relationships, Type
2009-10-29CWE Content TeamMITREInternal
updated Relationships
2010-06-21CWE Content TeamMITREInternal
updated Description
Previous Entry Names
Change DatePrevious Entry Name
2008-09-09General Special Element Problems

CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters

Weakness ID: 92
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Maintenance_Notes, Relationships, Relationship_Notes, Taxonomy_Mappings, Weakness_Ordinalities
2008-10-14CWE Content TeamMITREInternal
updated Description, Name
2009-05-27CWE Content TeamMITREInternal
updated Description, Name
2009-07-27CWE Content TeamMITREInternal
updated Applicable_Platforms, Causal_Nature, Maintenance_Notes, Name, Observed_Examples, Potential_Mitigations, Related_Attack_Patterns, Relationship_Notes, Relationships, Research_Gaps, Taxonomy_Mappings, Time_of_Introduction, Type, Weakness_Ordinalities
2009-10-29CWE Content TeamMITREInternal
updated Relationships
2009-12-28CWE Content TeamMITREInternal
updated Related_Attack_Patterns
2010-06-21CWE Content TeamMITREInternal
updated Description, Maintenance_Notes
Previous Entry Names
Change DatePrevious Entry Name
2008-10-14Custom Special Character Injection
2009-05-27Insufficient Sanitization of Custom Special Characters
2009-07-27Improper Sanitization of Custom Special Characters

CWE-458: DEPRECATED: Incorrect Initialization

Weakness ID: 458
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract initialization problem. Please refer to CWE-665 for the more abstract problem.
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Incorrect Initialization

CWE-249: DEPRECATED: Often Misused: Path Manipulation

Weakness ID: 249
Deprecated Abstraction: Variant
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785.
+ Maintenance Notes

This entry was deprecated for several reasons. The primary reason is over-loading of the "path manipulation" term and the description. The original description for this entry was the same as that for the "Often Misused: File System" item in the original Seven Pernicious Kingdoms paper. However, Seven Pernicious Kingdoms also has a "Path Manipulation" phrase that is for external control of pathnames (CWE-73), which is a factor in symbolic link following and path traversal, neither of which is explicitly mentioned in 7PK. Fortify uses the phrase "Often Misused: Path Manipulation" for a broader range of problems, generally for issues related to buffer management. Given the multiple conflicting uses of this term, there is a chance that CWE users may have incorrectly mapped to this entry.

The second reason for deprecation is an implied combination of multiple weaknesses within buffer-handling functions. The focus of this entry has generally been on the path-conversion functions and their association with buffer overflows. However, some of Fortify's Vulncat entries have the term "path manipulation" but describe a non-overflow weakness in which the buffer is not guaranteed to contain the entire pathname, i.e., there is information truncation (see CWE-222 for a similar concept). A new entry for this non-overflow weakness may be created in a future version of CWE.

+ Content History
Submissions
Submission DateSubmitterOrganizationSource
7 Pernicious KingdomsExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-08-01KDM AnalyticsExternal
added/updated white box definitions
2008-09-08CWE Content TeamMITREInternal
updated Applicable_Platforms, Relationships, Other_Notes, Taxonomy_Mappings
2009-05-27CWE Content TeamMITREInternal
updated Demonstrative_Examples
2009-07-17
(Critical)
KDM AnalyticsExternal
Described inconsistencies in this entry, which the CWE Content Team had already slated for deprecation.
2009-07-27CWE Content TeamMITREInternal
updated Affected_Resources, Applicable_Platforms, Demonstrative_Examples, Description, Maintenance_Notes, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type, White_Box_Definitions
2009-10-29CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2009-07-27Often Misused: Path Manipulation

CWE-373: DEPRECATED: State Synchronization Error

Weakness ID: 373
Deprecated Abstraction: Base
Status: Deprecated
Presentation Filter:
+ Description

Description Summary

This entry was deprecated because it overlapped the same concepts as race condition (CWE-362) and Improper Synchronization (CWE-662).
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2010-12-12
(Critical)
CWE Content TeamMITREInternal
Deprecated entry
2010-12-13CWE Content TeamMITREInternal
updated Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Likelihood_of_Exploit, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
Previous Entry Names
Change DatePrevious Entry Name
2010-12-13State Synchronization Error

CWE CATEGORY: DEPRECATED: User Interface Errors

Category ID: 445
Deprecated
Status: Deprecated
+ Description

Description Summary

This weakness has been deprecated because it was a duplicate of CWE-355. All content has been transferred to CWE-355.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2017-01-19CWE Content TeamMITREInternal
updated Applicable_Platforms, Description, Name, Relationships, Research_Gaps, Taxonomy_Mappings, Type
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11User Interface Quality Errors
2017-01-19User Interface Errors

More information is available — Please select a different filter.
Page Last Updated: January 18, 2017