Incomplete Model of Endpoint Features

Incomplete Base

Structure: Simple

Description

A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint's features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model.

Common Consequences 1

Scope: IntegrityOther

Impact: Unexpected StateVaries by Context

Demonstrative Examples 2

HTTP request smuggling is an attack against an intermediary such as a proxy. This attack works because the proxy expects the client to parse HTTP headers one way, but the client parses them differently.

Anti-virus products that reside on mail servers can suffer from this issue if they do not know how a mail client will handle a particular attachment. The product might treat an attachment type as safe, not knowing that the client's configuration treats it as executable.

Applicable Platforms

Languages:

Not Language-Specific : Undetermined

Modes of Introduction

Architecture and Design

Implementation

Related Weaknesses

ChildOf:

Interpretation Conflict (CWE-436)

Taxonomy Mapping

PLOVER

Notes

RelationshipThis can be related to interaction errors, although in some cases, one of the endpoints is not performing correctly according to specification.