This entry has been deprecated as it represents a specific observed example of a UNIX Hard Link weakness type rather than its own individual weakness type. Please refer to CWE-62.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
CWE CATEGORY: DEPRECATED: ASP.NET Environment Issues
Category ID: 10
Summary
This category has been deprecated. It added unnecessary depth and complexity to its associated views.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-08-15
Veracode
Suggested OWASP Top Ten 2004 mapping
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
This category has been deprecated because it redundant with the grouping provided by CWE-417.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2008-11-24
CWE Content Team
MITRE
updated Relationships
2013-02-21
CWE Content Team
MITRE
updated Relationships
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Taxonomy_Mappings, Type
CWE CATEGORY: DEPRECATED: Cleansing, Canonicalization, and Comparison Errors
Category ID: 171
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. Weaknesses in this category were related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data. These weaknesses can be found in other similar categories.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2015-12-07
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2019-06-20
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Type
This entry has been deprecated, as it was not effective as a weakness and was structured more like a category. In addition, the name is inappropriate, since the "container" term is widely understood by developers in different ways than originally intended by PLOVER, the original source for this entry.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE-217: DEPRECATED: Failure to Protect Stored Data from Modification
Weakness ID: 217
Abstraction: Base Structure: Simple
View customized information:
Description
This entry has been deprecated because it incorporated and confused multiple weaknesses. The issues formerly covered in this entry can be found at CWE-766 and CWE-767.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
CWE CATEGORY: DEPRECATED: General Special Element Problems
Category ID: 139
Summary
This entry has been deprecated. It is a leftover from PLOVER, but CWE-138 is a more appropriate mapping.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Functional_Areas, Name, Relationships, Type
CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters
Weakness ID: 92
Abstraction: Base Structure: Simple
View customized information:
Description
This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2008-10-14
CWE Content Team
MITRE
updated Description
2009-07-27
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract initialization problem. Please refer to CWE-665 for the more abstract problem.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: this entry is deprecated.
Comments: see description for suggestions for other CWE IDs to use.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This weakness has been deprecated. It was poorly described and difficult to distinguish from other entries. It was also inappropriate to assign a separate ID solely because of domain-specific considerations. Its closest equivalent is CWE-1023.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2009-07-27
CWE Content Team
MITRE
updated Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Relationships
2020-02-24
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
CWE CATEGORY: DEPRECATED: J2EE Time and State Issues
Category ID: 381
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
CWE CATEGORY: DEPRECATED: Mac Virtual File Problems
Category ID: 70
Summary
This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Affected_Resources, Applicable_Platforms, Description, Name, Relationships, Type
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE CATEGORY: DEPRECATED: Often Misused: Arguments and Parameters
Category ID: 559
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Other_Notes
2010-04-05
CWE Content Team
MITRE
updated Related_Attack_Patterns
2010-09-27
CWE Content Team
MITRE
updated Other_Notes, Relationship_Notes
2017-11-08
CWE Content Team
MITRE
updated Related_Attack_Patterns, Relationships
2020-02-24
CWE Content Team
MITRE
updated Description, Name, Relationship_Notes, Relationships, Type
CWE-249: DEPRECATED: Often Misused: Path Manipulation
Weakness ID: 249
Abstraction: Variant Structure: Simple
View customized information:
Description
This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785.
Extended Description
This entry was deprecated for several reasons. The primary reason is over-loading of the "path manipulation" term and the description. The original description for this entry was the same as that for the "Often Misused: File System" item in the original Seven Pernicious Kingdoms paper. However, Seven Pernicious Kingdoms also has a "Path Manipulation" phrase that is for external control of pathnames (CWE-73), which is a factor in symbolic link following and path traversal, neither of which is explicitly mentioned in 7PK. Fortify uses the phrase "Often Misused: Path Manipulation" for a broader range of problems, generally for issues related to buffer management. Given the multiple conflicting uses of this term, there is a chance that CWE users may have incorrectly mapped to this entry.
The second reason for deprecation is an implied combination of multiple weaknesses within buffer-handling functions. The focus of this entry was generally on the path-conversion functions and their association with buffer overflows. However, some of Fortify's Vulncat entries have the term "path manipulation" but describe a non-overflow weakness in which the buffer is not guaranteed to contain the entire pathname, i.e., there is information truncation (see CWE-222 for a similar concept). A new entry for this non-overflow weakness may be created in a future version of CWE.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: this entry is deprecated.
Comments: see description for suggestions for other CWE IDs to use.
CWE CATEGORY: DEPRECATED: Other Intentional, Nonmalicious Weakness
Category ID: 517
Summary
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
CWE CATEGORY: DEPRECATED: Pathname Traversal and Equivalence Errors
Category ID: 21
Summary
This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Consider using either the File Handling Issues category (CWE-1219) or the class Use of Incorrectly-Resolved Name or Reference (CWE-706).
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
This entry has been deprecated. There are no documented cases in which a switch's control expression is evaluated more than once.
Extended Description
It is likely that this entry was initially created based on a misinterpretation of the original source material. The original source intended to explain how switches could be unpredictable when using threads, if the control expressions used data or variables that could change between execution of different threads. That weakness is already covered by CWE-367. Despite the ambiguity in the documentation for some languages and compilers, in practice, they all evaluate the switch control expression only once. If future languages state that the code explicitly evaluates the control expression more than once, then this would not be a weakness, but the language performing as designed.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CLASP
Contributions
Contribution Date
Contributor
Organization
2022-03-31
Yongchool Ryu, MathWorks; Roberto Bagnara, BUGSENG; Guido Persch, Imagix; John Blattner, Imagix; Paul Anderson, GrammaTech; Fulvio Baccaglini; John Viega; Robert Seacord; Members of the CWE-Research mailing list, including Jonathan Hood and Steve Grubb; Commenters on Twitter, including Patricia Aas, Myria, Richard Barrell, and others
Many members of the CWE community contributed important feedback supporting deprecation of this entry. The contribution date reflects the first public request for comment; much feedback was received both before and after that date.
This view has been deprecated because it is not actively maintained and does not provide utility to stakeholders. It was originally created before CWE 1.0 as a simple example of how views could be structured within CWE.
Relationships
The following graph shows the tree-like relationships between weaknesses that exist at different levels of abstraction. At the highest level, categories and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are special CWE entries used to group weaknesses that share a common characteristic. Pillars are weaknesses that are described in the most abstract fashion. Below these top-level entries are weaknesses are varying levels of abstraction. Classes are still very abstract, typically independent of any specific language or technology. Base level weaknesses are used to present a more specific type of weakness. A variant is a weakness that is described at a very low level of detail, typically limited to a specific language or technology. A chain is a set of weaknesses that must be reachable consecutively in order to produce an exploitable vulnerability. While a composite is a set of weaknesses that must all be present simultaneously in order to produce an exploitable vulnerability.
CWE-1324: DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface
Weakness ID: 1324
Abstraction: Base Structure: Simple
View customized information:
Description
This entry has been deprecated because it was at a lower level of abstraction than supported by CWE. All relevant content has been integrated into CWE-319.
Content History
Submissions
Submission Date
Submitter
Organization
2020-10-01
Accellera IP Security Assurance (IPSA) Working Group
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2015-12-07
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Relationships
2019-06-20
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Taxonomy_Mappings, Type
This category has been deprecated. It was originally used for organizing the Development View (CWE-69 9), but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Description, Relationships, Type
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
This category has been deprecated. It was originally intended as a "catch-all" for environment issues for technologies that did not have their own CWE, but it introduced unnecessary depth and complexity to the Development View (CWE-699).
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-07-01
Eric Dalci
Cigital
updated Time_of_Introduction
2008-09-08
CWE Content Team
MITRE
updated Relationships
2009-05-27
CWE Content Team
MITRE
updated Related_Attack_Patterns
2009-10-15
CWE Content Team
MITRE
changed from weakness to category, updated Relationships, added Taxonomy_Mapping
2009-10-29
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings, Type
2010-04-05
CWE Content Team
MITRE
updated Related_Attack_Patterns
2012-05-11
CWE Content Team
MITRE
updated Relationships
2014-07-30
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
CWE CATEGORY: DEPRECATED: Technology-Specific Special Elements
Category ID: 169
Summary
This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
CWE CATEGORY: DEPRECATED: Technology-Specific Time and State Issues
Category ID: 380
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. Consider using the File Handling Issues category (CWE-1219).
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It covered a very low level of abstraction based on operating system, which was not useful for any existing view.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
This weakness has been deprecated because it partially overlaps CWE-470, it describes legitimate programmer behavior, and other portions will need to be integrated into other entries.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
This weakness has been deprecated because it was a duplicate of CWE-355. All content has been transferred to CWE-355.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Research_Gaps, Taxonomy_Mappings, Type
This view has been deprecated. It was only used for an early year of the NIST SAMATE project, and it did not represent any official or commonly-utilized list.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
View Metrics
CWEs in this view
Total CWEs
Weaknesses
0
out of
933
Categories
0
out of
352
Views
0
out of
47
Total
0
out of
1332
Content History
Submissions
Submission Date
Submitter
Organization
2007-10-01
CWE Content Team
MITRE
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, References, View_Structure
2012-05-11
CWE Content Team
MITRE
updated References
2017-11-08
CWE Content Team
MITRE
updated Description, Name, References, Relationships, Type
CWE CATEGORY: DEPRECATED: Weaknesses that Affect Files or Directories
Category ID: 632
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2007-10-01
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE CATEGORY: DEPRECATED: Weaknesses that Affect Memory
Category ID: 633
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
CWE CATEGORY: DEPRECATED: Weaknesses that Affect System Processes
Category ID: 634
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
This view has been deprecated. It was based on gaps in another view (CWE-888) related to research that is no longer updated, but was complete with respect to CWE at the time it was conducted.
Filter
/Weakness_Catalog[false()]
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated.
Comments: see description for suggestions of other CWEs to consider.
View Metrics
CWEs in this view
Total CWEs
Weaknesses
0
out of
933
Categories
0
out of
352
Views
0
out of
47
Total
0
out of
1332
Content History
Submissions
Submission Date
Submitter
Organization
2014-07-29
CWE Content Team
MITRE
Contributions
Contribution Date
Contributor
Organization
2022-07-21
Djenana Campara
KDM Analytics
suggested that there were errors in this view (leading to changes in taxonomy mappings in some entries), and that this view was outdated, leading to the decision to deprecate
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
CWE CATEGORY: DEPRECATED: Windows Path Link Problems
Category ID: 63
Summary
This category has been deprecated. It covered a very low level of abstraction based on operating system, which was not useful for any existing view.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Applicable_Platforms, Relationships
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
CWE CATEGORY: DEPRECATED: Windows Virtual File Problems
Category ID: 68
Summary
This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships.
Notes
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).
Rationale: This CWE has been deprecated. It is also a Category. Using categories for mapping has been an actively discouraged practice since at least 2019. Categories are informal organizational groupings of weaknesses that help navigation and browsing by CWE users, but they are not weaknesses in themselves.
Comments: see description for suggestions of other CWEs to consider.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
Objective
