The UI Performs the Wrong Action
Incomplete Base
Structure: Simple
Description
The UI performs the wrong action with respect to the user's request.
Common Consequences 1
Scope: Other
Impact: Quality DegradationVaries by Context
Potential Mitigations 1
Phase: Testing
Perform extensive functionality testing of the UI. The UI should behave as specified.
Observed Examples 3
CVE-2001-1387Network firewall accidentally implements one command line option as if it were another, possibly leading to behavioral infoleak.
CVE-2001-0081Command line option correctly suppresses a user prompt but does not properly disable a feature, although when the product prompts the user, the feature is properly disabled.
CVE-2002-1977Product does not "time out" according to user specification, leaving sensitive data available after it has expired.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Modes of Introduction
Implementation
Related Weaknesses
Taxonomy Mapping
- PLOVER