This entry has been deprecated as it represents a specific observed example of a UNIX Hard Link weakness type rather than its own individual weakness type. Please refer to CWE-62.
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
CWE CATEGORY: DEPRECATED: Cleansing, Canonicalization, and Comparison Errors
Category ID: 171
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. Weaknesses in this category were related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data. These weaknesses can be found in other similar categories.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2015-12-07
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2019-06-20
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Type
This entry has been deprecated, as it was not effective as a weakness and was structured more like a category. In addition, the name is inappropriate, since the "container" term is widely understood by developers in different ways than originally intended by PLOVER, the original source for this entry.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE-217: DEPRECATED: Failure to Protect Stored Data from Modification
Weakness ID: 217
Abstraction: Base Structure: Simple
Presentation Filter:
Description
This entry has been deprecated because it incorporated and confused multiple weaknesses. The issues formerly covered in this entry can be found at CWE-766 and CWE-767.
CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters
Weakness ID: 92
Abstraction: Base Structure: Simple
Presentation Filter:
Description
This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping.
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2008-10-14
CWE Content Team
MITRE
updated Description
2009-07-27
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract initialization problem. Please refer to CWE-665 for the more abstract problem.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This weakness has been deprecated. It was poorly described and difficult to distinguish from other entries. It was also inappropriate to assign a separate ID solely because of domain-specific considerations. Its closest equivalent is CWE-1023.
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2009-07-27
CWE Content Team
MITRE
updated Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Relationships
2020-02-24
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
CWE CATEGORY: DEPRECATED: J2EE Time and State Issues
Category ID: 381
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
CWE CATEGORY: DEPRECATED: Mac Virtual File Problems
Category ID: 70
Summary
This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Affected_Resources, Applicable_Platforms, Description, Name, Relationships, Type
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE CATEGORY: DEPRECATED: Often Misused: Arguments and Parameters
Category ID: 559
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Other_Notes
2010-04-05
CWE Content Team
MITRE
updated Related_Attack_Patterns
2010-09-27
CWE Content Team
MITRE
updated Other_Notes, Relationship_Notes
2017-11-08
CWE Content Team
MITRE
updated Related_Attack_Patterns, Relationships
2020-02-24
CWE Content Team
MITRE
updated Description, Name, Relationship_Notes, Relationships, Type
CWE-249: DEPRECATED: Often Misused: Path Manipulation
Weakness ID: 249
Abstraction: Variant Structure: Simple
Presentation Filter:
Description
This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785. This entry was deprecated for several reasons. The primary reason is over-loading of the "path manipulation" term and the description. The original description for this entry was the same as that for the "Often Misused: File System" item in the original Seven Pernicious Kingdoms paper. However, Seven Pernicious Kingdoms also has a "Path Manipulation" phrase that is for external control of pathnames (CWE-73), which is a factor in symbolic link following and path traversal, neither of which is explicitly mentioned in 7PK. Fortify uses the phrase "Often Misused: Path Manipulation" for a broader range of problems, generally for issues related to buffer management. Given the multiple conflicting uses of this term, there is a chance that CWE users may have incorrectly mapped to this entry. The second reason for deprecation is an implied combination of multiple weaknesses within buffer-handling functions. The focus of this entry was generally on the path-conversion functions and their association with buffer overflows. However, some of Fortify's Vulncat entries have the term "path manipulation" but describe a non-overflow weakness in which the buffer is not guaranteed to contain the entire pathname, i.e., there is information truncation (see CWE-222 for a similar concept). A new entry for this non-overflow weakness may be created in a future version of CWE.
CWE CATEGORY: DEPRECATED: Other Intentional, Nonmalicious Weakness
Category ID: 517
Summary
This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Relationships, Taxonomy_Mappings, Type
CWE CATEGORY: DEPRECATED: Pathname Traversal and Equivalence Errors
Category ID: 21
Summary
This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Consider using either the File Handling Issues category (CWE-1219) or the class Use of Incorrectly-Resolved Name or Reference (CWE-706).
This entry has been deprecated. There are no documented cases in which a switch's control expression is evaluated more than once.
Extended Description
It is likely that this entry was initially created based on a misinterpretation of the original source material. The original source intended to explain how switches could be unpredictable when using threads, if the control expressions used data or variables that could change between execution of different threads. That weakness is already covered by CWE-367. Despite the ambiguity in the documentation for some languages and compilers, in practice, they all evaluate the switch control expression only once. If future languages state that the code explicitly evaluates the control expression more than once, then this would not be a weakness, but the language performing as designed.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CLASP
Contributions
Contribution Date
Contributor
Organization
2022-03-31
Yongchool Ryu, MathWorks; Roberto Bagnara, BUGSENG; Guido Persch, Imagix; John Blattner, Imagix; Paul Anderson, GrammaTech; Fulvio Baccaglini; John Viega; Robert Seacord; Members of the CWE-Research mailing list, including Jonathan Hood and Steve Grubb; Commenters on Twitter, including Patricia Aas, Myria, Richard Barrell, and others
Many members of the CWE community contributed important feedback supporting deprecation of this entry. The contribution date reflects the first public request for comment; much feedback was received both before and after that date.
This view has been deprecated because it is not actively maintained and does not provide utility to stakeholders. It was originally created before CWE 1.0 as a simple example of how views could be structured within CWE.
Relationships
The following graph shows the tree-like relationships between weaknesses that exist at different levels of abstraction. At the highest level, categories and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are special CWE entries used to group weaknesses that share a common characteristic. Pillars are weaknesses that are described in the most abstract fashion. Below these top-level entries are weaknesses are varying levels of abstraction. Classes are still very abstract, typically independent of any specific language or technology. Base level weaknesses are used to present a more specific type of weakness. A variant is a weakness that is described at a very low level of detail, typically limited to a specific language or technology. A chain is a set of weaknesses that must be reachable consecutively in order to produce an exploitable vulnerability. While a composite is a set of weaknesses that must all be present simultaneously in order to produce an exploitable vulnerability.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
Landwehr
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2015-12-07
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Relationships
2019-06-20
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Relationships, Taxonomy_Mappings, Type
This category has been deprecated. It was originally used for organizing the Development View (CWE-69 9), but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Description, Relationships, Type
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
This category has been deprecated. It was originally intended as a "catch-all" for environment issues for technologies that did not have their own CWE, but it introduced unnecessary depth and complexity to the Development View (CWE-699).
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Maintenance_Notes, Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Maintenance_Notes, Name, Type
This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-07-01
Eric Dalci
Cigital
updated Time_of_Introduction
2008-09-08
CWE Content Team
MITRE
updated Relationships
2009-05-27
CWE Content Team
MITRE
updated Related_Attack_Patterns
2009-10-15
CWE Content Team
MITRE
changed from weakness to category, updated Relationships, added Taxonomy_Mapping
2009-10-29
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings, Type
2010-04-05
CWE Content Team
MITRE
updated Related_Attack_Patterns
2012-05-11
CWE Content Team
MITRE
updated Relationships
2014-07-30
CWE Content Team
MITRE
updated Relationships
2017-01-19
CWE Content Team
MITRE
updated Relationships
2017-11-08
CWE Content Team
MITRE
updated Description, Name, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
CWE CATEGORY: DEPRECATED: Technology-Specific Special Elements
Category ID: 169
Summary
This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy.
CWE CATEGORY: DEPRECATED: Technology-Specific Time and State Issues
Category ID: 380
Summary
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. Consider using the File Handling Issues category (CWE-1219).
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
CWE Community
Submitted by members of the CWE community to extend early CWE versions
This weakness has been deprecated because it partially overlaps CWE-470, it describes legitimate programmer behavior, and other portions will need to be integrated into other entries.
This view has been deprecated. It was only used for an early year of the NIST SAMATE project, and it did not represent any official or commonly-utilized list.
View Metrics
CWEs in this view
Total CWEs
Weaknesses
0
out of
927
Categories
0
out of
352
Views
0
out of
48
Total
0
out of
1327
Content History
Submissions
Submission Date
Submitter
Organization
2007-10-01
CWE Content Team
MITRE
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, References, View_Structure
2012-05-11
CWE Content Team
MITRE
updated References
2017-11-08
CWE Content Team
MITRE
updated Description, Name, References, Relationships, Type
CWE CATEGORY: DEPRECATED: Weaknesses that Affect Files or Directories
Category ID: 632
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
Content History
Submissions
Submission Date
Submitter
Organization
2007-10-01
CWE Community
Submitted by members of the CWE community to extend early CWE versions
CWE CATEGORY: DEPRECATED: Weaknesses that Affect Memory
Category ID: 633
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
CWE CATEGORY: DEPRECATED: Weaknesses that Affect System Processes
Category ID: 634
Summary
This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE.
This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
CWE CATEGORY: DEPRECATED: Windows Virtual File Problems
Category ID: 68
Summary
This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships.
Content History
Submissions
Submission Date
Submitter
Organization
2006-07-19
PLOVER
Modifications
Modification Date
Modifier
Organization
2008-09-08
CWE Content Team
MITRE
updated Relationships, Taxonomy_Mappings
2017-11-08
CWE Content Team
MITRE
updated Applicable_Platforms, Description, Name, Relationships, Type
Objective
