CWE VIEW: Deprecated Entries
View ID: 604
Structure: Implicit Slice Status: Draft
View Data
View Objective
CWE nodes in this view (slice ) have been deprecated. There should be a reference pointing to the replacement in each deprecated weakness .
View Filter : .//@Status='Deprecated'
Relationships
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships,
View_Structure 2008-11-24 CWE Content Team MITRE Internal updated Name, Relationships 2009-05-27 CWE Content Team MITRE Internal updated Relationships 2009-07-27 CWE Content Team MITRE Internal updated Relationships 2009-08-28 CWE Content Team MITRE Internal changed explicit member list to implicit
filter 2009-10-29 CWE Content Team MITRE Internal updated Relationships, View_Filter,
View_Structure Previous Entry Names Change Date Previous Entry
Name 2008-11-24 Deprecated
View Metrics
CWEs in this view Total CWEs Total 17 out of 1006 Views 0 out of 33 Categories 2 out of 245 Weaknesses 15 out of 720 Compound_Elements 0 out of 8
View Components
View Components
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z CWE-516: DEPRECATED (Duplicate): Covert Timing Channel
Weakness ID: 516
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness can be found at
CWE-385 .
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships 2009-10-29 CWE Content Team MITRE Internal updated Relationships
CWE-218: DEPRECATED (Duplicate): Failure to provide confidentiality for stored data
Weakness ID: 218
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because it was a duplicate of
CWE-493 . All content has been transferred to
CWE-493 .
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Alternate_Terms, Applicable_Platforms,
Common_Consequences, Description, Likelihood_of_Exploit, Name,
Relationships, Type 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2008-09-09 Failure to Provide
Confidentiality for Stored Data
CWE-225: DEPRECATED (Duplicate): General Information Management Problems
Weakness ID: 225
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness can be found at
CWE-199 .
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships 2009-10-29 CWE Content Team MITRE Internal updated Relationships
CWE-443: DEPRECATED (Duplicate): HTTP response splitting
Weakness ID: 443
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness can be found at
CWE-113 .
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships 2009-10-29 CWE Content Team MITRE Internal updated Relationships
CWE-132: DEPRECATED (Duplicate): Miscalculated Null Termination
Weakness ID: 132
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
entry has been deprecated because it was a duplicate of
CWE-170 . All content has been transferred to
CWE-170 .
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Applicable_Platforms, Causal_Nature,
Common_Consequences, Description, Likelihood_of_Exploit, Name,
Relationships, Type 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2008-09-09 Miscalculated Null
Termination
CWE-423: DEPRECATED (Duplicate): Proxied Trusted Channel
Weakness ID: 423
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
entry has been deprecated because it was a duplicate of
CWE-441 . All content has been transferred to
CWE-441 .
Content History
Submissions Submission Date Submitter Organization Source PLOVER Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Potential_Mitigations,
Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Relationships, Other_Notes,
Taxonomy_Mappings 2008-11-05 CWE Content Team MITRE Internal deprecated this entry as a duplicate of
441 2008-11-24 CWE Content Team MITRE Internal updated Applicable_Platforms, Description, Name,
Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings,
Time_of_Introduction, Type 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2008-11-24 Proxied Trusted
Channel
CWE-247: DEPRECATED (Duplicate): Reliance on DNS Lookups in a Security Decision
Weakness ID: 247
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
entry has been deprecated because it was a duplicate of
CWE-350 . All content has been transferred to
CWE-350 .
Taxonomy Mappings
Mapped Taxonomy Name Node ID Fit Mapped Node Name Software Fault Patterns SFP29 Faulty endpoint authentication
Content History
Submissions Submission Date Submitter Organization Source 7 Pernicious Kingdoms Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Relationships, Other_Notes,
Taxonomy_Mappings 2009-05-27 CWE Content Team MITRE Internal updated Relationships,
Taxonomy_Mappings 2009-07-27 CWE Content Team MITRE Internal updated Demonstrative_Examples 2010-02-16 CWE Content Team MITRE Internal updated Relationships 2010-04-05 CWE Content Team MITRE Internal updated Related_Attack_Patterns 2010-09-27 CWE Content Team MITRE Internal updated Potential_Mitigations 2011-06-01 CWE Content Team MITRE Internal updated Common_Consequences 2012-05-11 CWE Content Team MITRE Internal updated Demonstrative_Examples, References,
Relationships 2013-06-23(Critical)
CWE Content Team MITRE Internal CWE-247 and CWE-292 deprecated and merged into CWE-350 to address duplicates. 2013-07-17 CWE Content Team MITRE Internal updated Applicable_Platforms, Common_Consequences,
Demonstrative_Examples, Description, Name, Other_Notes,
Potential_Mitigations, References, Related_Attack_Patterns, Relationships,
Time_of_Introduction, Type 2014-07-30 CWE Content Team MITRE Internal updated Taxonomy_Mappings Previous Entry Names Change Date Previous Entry
Name 2008-04-11 Often Misused:
Authentication 2013-07-17 Reliance on DNS Lookups in a
Security Decision
CWE-292: DEPRECATED (Duplicate): Trusting Self-reported DNS Name
Weakness ID: 292
Deprecated Abstraction: Variant Status: Deprecated
Description
Description Summary
This
entry has been deprecated because it was a duplicate of
CWE-350 . All content has been transferred to
CWE-350 .
Likelihood of Exploit
Taxonomy Mappings
Mapped Taxonomy Name Node ID Fit Mapped Node Name Software Fault Patterns SFP29 Faulty endpoint authentication
Content History
Submissions Submission Date Submitter Organization Source CLASP Externally Mined Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Common_Consequences, Relationships, Other_Notes,
Taxonomy_Mappings 2009-05-27 CWE Content Team MITRE Internal updated Demonstrative_Examples 2009-10-29 CWE Content Team MITRE Internal updated Observed_Examples 2010-09-27 CWE Content Team MITRE Internal updated Potential_Mitigations 2011-06-01 CWE Content Team MITRE Internal updated Common_Consequences 2012-05-11 CWE Content Team MITRE Internal updated Demonstrative_Examples,
Relationships 2013-06-23(Critical)
CWE Content Team MITRE Internal CWE-247 and CWE-292 deprecated and merged into CWE-350 to address duplicates. 2013-07-17 CWE Content Team MITRE Internal updated Applicable_Platforms, Common_Consequences,
Demonstrative_Examples, Description, Name, Observed_Examples, Other_Notes,
Potential_Mitigations, Related_Attack_Patterns, Relationships,
Taxonomy_Mappings, Time_of_Introduction, Type 2014-07-30 CWE Content Team MITRE Internal updated Taxonomy_Mappings Previous Entry Names Change Date Previous Entry
Name 2013-07-17 Trusting Self-reported DNS
Name
CWE-592: DEPRECATED: Authentication Bypass Issues
Weakness ID: 592
Deprecated Abstraction: Class Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because it covered redundant concepts already described in
CWE-287 .
Content History
Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Relationships,
Taxonomy_Mappings 2009-05-27 CWE Content Team MITRE Internal updated Related_Attack_Patterns 2011-06-01 CWE Content Team MITRE Internal updated Common_Consequences 2012-05-11 CWE Content Team MITRE Internal updated References, Relationships 2014-07-30 CWE Content Team MITRE Internal updated Relationships 2017-05-03 CWE Content Team MITRE Internal updated Common_Consequences, Description, Name, References, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type Previous Entry Names Change Date Previous Entry
Name 2017-05-03 Authentication Bypass Issues
CWE-217: DEPRECATED: Failure to Protect Stored Data from Modification
Weakness ID: 217
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because it incorporated and confused multiple weaknesses. The issues formerly covered in this weakness can be found at
CWE-766 and
CWE-767 .
Content History
Submissions Submission Date Submitter Organization Source CLASP Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Common_Consequences, Relationships, Other_Notes,
Taxonomy_Mappings 2009-05-20 CWE Content Team MITRE Internal deprecated this entry in favor of new entries which focus on the multiple weaknesses formerly described here, CWE-766 and CWE-767 2009-05-27 CWE Content Team MITRE Internal updated Alternate_Terms, Applicable_Platforms,
Common_Consequences, Demonstrative_Examples, Description,
Likelihood_of_Exploit, Name, Other_Notes, Potential_Mitigations,
Related_Attack_Patterns, Relationships, Taxonomy_Mappings,
Time_of_Introduction, Type 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2009-05-27 Failure to Protect Stored
Data from Modification
CWE CATEGORY: DEPRECATED: General Special Element Problems
Category ID: 139
Deprecated Status: Deprecated
Description
Description Summary
This
entry has been deprecated. It is a leftover from PLOVER, but
CWE-138 is a more appropriate mapping.
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Applicable_Platforms, Description,
Functional_Areas, Name, Relationships, Type 2009-10-29 CWE Content Team MITRE Internal updated Relationships 2010-06-21 CWE Content Team MITRE Internal updated Description Previous Entry Names Change Date Previous Entry
Name 2008-09-09 General Special Element
Problems
CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters
Weakness ID: 92
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations.
CWE-75 is a more appropriate mapping.
Content History
Submissions Submission Date Submitter Organization Source PLOVER Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Maintenance_Notes, Relationships,
Relationship_Notes, Taxonomy_Mappings,
Weakness_Ordinalities 2008-10-14 CWE Content Team MITRE Internal updated Description, Name 2009-05-27 CWE Content Team MITRE Internal updated Description, Name 2009-07-27 CWE Content Team MITRE Internal updated Applicable_Platforms, Causal_Nature,
Maintenance_Notes, Name, Observed_Examples, Potential_Mitigations,
Related_Attack_Patterns, Relationship_Notes, Relationships, Research_Gaps,
Taxonomy_Mappings, Time_of_Introduction, Type,
Weakness_Ordinalities 2009-10-29 CWE Content Team MITRE Internal updated Relationships 2009-12-28 CWE Content Team MITRE Internal updated Related_Attack_Patterns 2010-06-21 CWE Content Team MITRE Internal updated Description,
Maintenance_Notes Previous Entry Names Change Date Previous Entry
Name 2008-10-14 Custom Special Character
Injection 2009-05-27 Insufficient Sanitization of
Custom Special Characters 2009-07-27 Improper Sanitization of
Custom Special Characters
CWE-458: DEPRECATED: Incorrect Initialization
Weakness ID: 458
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because its name and description did not match. The description duplicated
CWE-454 , while the name suggested a more abstract initialization problem. Please refer to
CWE-665 for the more abstract problem.
Content History
Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2008-04-11 Incorrect
Initialization
CWE-249: DEPRECATED: Often Misused: Path Manipulation
Weakness ID: 249
Deprecated Abstraction: Variant Status: Deprecated
Description
Description Summary
This
entry has been deprecated because of name confusion and an accidental combination of multiple
weaknesses . Most of its content has been transferred to
CWE-785 .
Maintenance Notes
This entry was deprecated for several reasons. The primary reason is over-loading of the "path manipulation" term and the description. The original description for this entry was the same as that for the "Often Misused: File System" item in the original Seven Pernicious Kingdoms paper. However, Seven Pernicious Kingdoms also has a "Path Manipulation" phrase that is for external control of pathnames (CWE-73 ), which is a factor in symbolic link following and path traversal, neither of which is explicitly mentioned in 7PK. Fortify uses the phrase "Often Misused: Path Manipulation" for a broader range of problems, generally for issues related to buffer management. Given the multiple conflicting uses of this term, there is a chance that CWE users may have incorrectly mapped to this entry.
The second reason for deprecation is an implied combination of multiple weaknesses within buffer-handling functions. The focus of this entry has generally been on the path-conversion functions and their association with buffer overflows. However, some of Fortify's Vulncat entries have the term "path manipulation" but describe a non-overflow weakness in which the buffer is not guaranteed to contain the entire pathname, i.e., there is information truncation (see CWE-222 for a similar concept). A new entry for this non-overflow weakness may be created in a future version of CWE.
Content History
Submissions Submission Date Submitter Organization Source 7 Pernicious Kingdoms Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-08-01 KDM Analytics External added/updated white box definitions 2008-09-08 CWE Content Team MITRE Internal updated Applicable_Platforms, Relationships, Other_Notes,
Taxonomy_Mappings 2009-05-27 CWE Content Team MITRE Internal updated Demonstrative_Examples 2009-07-17(Critical)
KDM Analytics External Described inconsistencies in this entry, which the CWE
Content Team had already slated for deprecation. 2009-07-27 CWE Content Team MITRE Internal updated Affected_Resources, Applicable_Platforms,
Demonstrative_Examples, Description, Maintenance_Notes, Name, Other_Notes,
Potential_Mitigations, Relationships, Taxonomy_Mappings,
Time_of_Introduction, Type, White_Box_Definitions 2009-10-29 CWE Content Team MITRE Internal updated Relationships Previous Entry Names Change Date Previous Entry
Name 2009-07-27 Often Misused: Path
Manipulation
CWE-373: DEPRECATED: State Synchronization Error
Weakness ID: 373
Deprecated Abstraction: Base Status: Deprecated
Description
Description Summary
This
entry was deprecated because it overlapped the same concepts as race condition (
CWE-362 ) and
Improper Synchronization (
CWE-662 ).
Content History
Submissions Submission Date Submitter Organization Source CLASP Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Common_Consequences, Relationships, Other_Notes,
Taxonomy_Mappings 2010-12-12(Critical)
CWE Content Team MITRE Internal Deprecated entry 2010-12-13 CWE Content Team MITRE Internal updated Applicable_Platforms, Common_Consequences,
Demonstrative_Examples, Description, Likelihood_of_Exploit, Name,
Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings,
Time_of_Introduction, Type Previous Entry Names Change Date Previous Entry
Name 2010-12-13 State Synchronization
Error
CWE-545: DEPRECATED: Use of Dynamic Class Loading
Weakness ID: 545
Deprecated Abstraction: Variant Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because it partially overlaps
CWE-470 , it describes legitimate programmer
behavior , and other portions will need to be integrated into other entries.
Content History
Submissions Submission Date Submitter Organization Source Anonymous Tool Vendor (under NDA) Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Sean Eidemiller Cigital External added/updated demonstrative
examples 2008-07-01 Eric Dalci Cigital External updated Time_of_Introduction 2008-09-08 CWE Content Team MITRE Internal updated Relationships, Other_Notes,
Taxonomy_Mappings 2011-06-01 CWE Content Team MITRE Internal updated Common_Consequences 2012-05-11 CWE Content Team MITRE Internal updated Common_Consequences,
Relationships 2012-10-30 CWE Content Team MITRE Internal updated Potential_Mitigations 2014-07-30 CWE Content Team MITRE Internal updated Relationships,
Taxonomy_Mappings 2017-05-03 CWE Content Team MITRE Internal updated Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Name, Other_Notes, Potential_Mitigations, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type Previous Entry Names Change Date Previous Entry
Name 2008-04-11 Dynamic Class
Loading 2017-05-03 Use of Dynamic Class Loading
CWE CATEGORY: DEPRECATED: User Interface Errors
Category ID: 445
Deprecated Status: Deprecated
Description
Description Summary
This
weakness has been deprecated because it was a duplicate of
CWE-355 . All content has been transferred to
CWE-355 .
Content History
Submissions Submission Date Submitter Organization Source PLOVER Externally Mined Modifications Modification Date Modifier Organization Source 2008-09-08 CWE Content Team MITRE Internal updated Relationships,
Taxonomy_Mappings 2017-01-19 CWE Content Team MITRE Internal updated Applicable_Platforms, Description, Name,
Relationships, Research_Gaps, Taxonomy_Mappings, Type Previous Entry Names Change Date Previous Entry
Name 2008-04-11 User Interface Quality
Errors 2017-01-19 User Interface
Errors
More information is available — Please select a different filter.
View Data
