View: Deprecated Entries
Draft
Type: Implicit
Objective
CWE nodes in this view (slice) have been deprecated. There should be a reference pointing to the replacement in each deprecated weakness.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1187 | DEPRECATED: Use of Uninitialized Resource | This entry has been deprecated because it was a duplicate of CWE-908. All content has been transferred to CWE-908. |
| CWE-132 | DEPRECATED: Miscalculated Null Termination | This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170. |
| CWE-1324 | DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface | This entry has been deprecated because it was at a lower level of abstraction than supported by CWE. All relevant content has been integrated into CWE-319. |
| CWE-216 | DEPRECATED: Containment Errors (Container Errors) | This entry has been deprecated, as it was not effective as a weakness and was structured more like a category. In addition, the name is inappropriate, since the "container" term is widely understood by developers in different ways than originally intended by PLOVER, the original source for this entry. |
| CWE-217 | DEPRECATED: Failure to Protect Stored Data from Modification | This entry has been deprecated because it incorporated and confused multiple weaknesses. The issues formerly covered in this entry can be found at CWE-766 and CWE-767. |
| CWE-218 | DEPRECATED: Failure to provide confidentiality for stored data | This weakness has been deprecated because it was a duplicate of CWE-493. All content has been transferred to CWE-493. |
| CWE-225 | DEPRECATED: General Information Management Problems | This weakness can be found at CWE-199. |
| CWE-247 | DEPRECATED: Reliance on DNS Lookups in a Security Decision | This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350. |
| CWE-249 | DEPRECATED: Often Misused: Path Manipulation | This entry has been deprecated because of name confusion and an accidental combination of multiple weaknesses. Most of its content has been transferred to CWE-785. |
| CWE-292 | DEPRECATED: Trusting Self-reported DNS Name | This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350. |
| CWE-365 | DEPRECATED: Race Condition in Switch | This entry has been deprecated. There are no documented cases in which a switch's control expression is evaluated more than once. |
| CWE-373 | DEPRECATED: State Synchronization Error | This entry was deprecated because it overlapped the same concepts as race condition (CWE-362) and Improper Synchronization (CWE-662). |
| CWE-423 | DEPRECATED: Proxied Trusted Channel | This entry has been deprecated because it was a duplicate of CWE-441. All content has been transferred to CWE-441. |
| CWE-443 | DEPRECATED: HTTP response splitting | This weakness can be found at CWE-113. |
| CWE-458 | DEPRECATED: Incorrect Initialization | This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract initialization problem. Please refer to CWE-665 for the more abstract problem. |
| CWE-516 | DEPRECATED: Covert Timing Channel | This weakness can be found at CWE-385. |
| CWE-533 | DEPRECATED: Information Exposure Through Server Log Files | This entry has been deprecated because its abstraction was too low-level. See CWE-532. |
| CWE-534 | DEPRECATED: Information Exposure Through Debug Log Files | This entry has been deprecated because its abstraction was too low-level. See CWE-532. |
| CWE-542 | DEPRECATED: Information Exposure Through Cleanup Log Files | This entry has been deprecated because its abstraction was too low-level. See CWE-532. |
| CWE-545 | DEPRECATED: Use of Dynamic Class Loading | This weakness has been deprecated because it partially overlaps CWE-470, it describes legitimate programmer behavior, and other portions will need to be integrated into other entries. |
| CWE-592 | DEPRECATED: Authentication Bypass Issues | This weakness has been deprecated because it covered redundant concepts already described in CWE-287. |
| CWE-596 | DEPRECATED: Incorrect Semantic Object Comparison | This weakness has been deprecated. It was poorly described and difficult to distinguish from other entries. It was also inappropriate to assign a separate ID solely because of domain-specific considerations. Its closest equivalent is CWE-1023. |
| CWE-71 | DEPRECATED: Apple '.DS_Store' | This entry has been deprecated as it represents a specific observed example of a UNIX Hard Link weakness type rather than its own individual weakness type. Please refer to CWE-62. |
| CWE-769 | DEPRECATED: Uncontrolled File Descriptor Consumption | This entry has been deprecated because it was a duplicate of CWE-774. All content has been transferred to CWE-774. |
| CWE-92 | DEPRECATED: Improper Sanitization of Custom Special Characters | This entry has been deprecated. It originally came from PLOVER, which sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. CWE-75 is a more appropriate mapping. |
| CWE-1 | DEPRECATED: Location | This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-10 | DEPRECATED: ASP.NET Environment Issues | This category has been deprecated. It added unnecessary depth and complexity to its associated views. |
| CWE-100 | DEPRECATED: Technology-Specific Input Validation Problems | This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy. |
| CWE-101 | DEPRECATED: Struts Validation Problems | This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-139 | DEPRECATED: General Special Element Problems | This entry has been deprecated. It is a leftover from PLOVER, but CWE-138 is a more appropriate mapping. |
| CWE-169 | DEPRECATED: Technology-Specific Special Elements | This category has been deprecated. It was originally intended as a "catch-all" for input validation problems in technologies that did not have their own CWE, but introduces unnecessary depth to the hierarchy. |
| CWE-17 | DEPRECATED: Code | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-171 | DEPRECATED: Cleansing, Canonicalization, and Comparison Errors | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. Weaknesses in this category were related to improper handling of data within protection mechanisms that attempt to perform neutralization for untrusted data. These weaknesses can be found in other similar categories. |
| CWE-18 | DEPRECATED: Source Code | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-21 | DEPRECATED: Pathname Traversal and Equivalence Errors | This category has been deprecated. It was originally used for organizing weaknesses involving file names, which enabled access to files outside of a restricted directory (path traversal) or to perform operations on files that would otherwise be restricted (path equivalence). Consider using either the File Handling Issues category (CWE-1219) or the class Use of Incorrectly-Resolved Name or Reference (CWE-706). |
| CWE-3 | DEPRECATED: Technology-specific Environment Issues | This category has been deprecated. It was originally intended as a "catch-all" for environment issues for technologies that did not have their own CWE, but it introduced unnecessary depth and complexity to the Development View (CWE-699). |
| CWE-376 | DEPRECATED: Temporary File Issues | This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. Consider using the File Handling Issues category (CWE-1219). |
| CWE-380 | DEPRECATED: Technology-Specific Time and State Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-381 | DEPRECATED: J2EE Time and State Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-4 | DEPRECATED: J2EE Environment Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-418 | DEPRECATED: Channel Errors | This category has been deprecated because it redundant with the grouping provided by CWE-417. |
| CWE-442 | DEPRECATED: Web Problems | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-445 | DEPRECATED: User Interface Errors | This weakness has been deprecated because it was a duplicate of CWE-355. All content has been transferred to CWE-355. |
| CWE-461 | DEPRECATED: Data Structure Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-490 | DEPRECATED: Mobile Code Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-503 | DEPRECATED: Byte/Object Code | This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-504 | DEPRECATED: Motivation/Intent | This category has been deprecated. It was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-505 | DEPRECATED: Intentionally Introduced Weakness | This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-513 | DEPRECATED: Intentionally Introduced Nonmalicious Weakness | This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-517 | DEPRECATED: Other Intentional, Nonmalicious Weakness | This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-518 | DEPRECATED: Inadvertently Introduced Weakness | This category has been deprecated as it was originally used for organizing the Development View (CWE-699), but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-519 | DEPRECATED: .NET Environment Issues | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-559 | DEPRECATED: Often Misused: Arguments and Parameters | This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree. |
| CWE-60 | DEPRECATED: UNIX Path Link Problems | This category has been deprecated. It covered a very low level of abstraction based on operating system, which was not useful for any existing view. |
| CWE-63 | DEPRECATED: Windows Path Link Problems | This category has been deprecated. It covered a very low level of abstraction based on operating system, which was not useful for any existing view. |
| CWE-632 | DEPRECATED: Weaknesses that Affect Files or Directories | This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE. |
| CWE-633 | DEPRECATED: Weaknesses that Affect Memory | This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE. |
| CWE-634 | DEPRECATED: Weaknesses that Affect System Processes | This category has been deprecated. It was not actively maintained, and it was not useful to stakeholders. It was originally created before CWE 1.0 as part of view CWE-631, which was a simple example of how views could be structured within CWE. |
| CWE-68 | DEPRECATED: Windows Virtual File Problems | This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships. |
| CWE-70 | DEPRECATED: Mac Virtual File Problems | This category has been deprecated as it was found to be an unnecessary abstraction of platform specific details. Please refer to the category CWE-632 and weakness CWE-66 for relevant relationships. |
| CWE-630 | DEPRECATED: Weaknesses Examined by SAMATE | This view has been deprecated. It was only used for an early year of the NIST SAMATE project, and it did not represent any official or commonly-utilized list. |
| CWE-631 | DEPRECATED: Resource-specific Weaknesses | This view has been deprecated because it is not actively maintained and does not provide utility to stakeholders. It was originally created before CWE 1.0 as a simple example of how views could be structured within CWE. |
| CWE-679 | DEPRECATED: Chain Elements | This view has been deprecated. It has limited utility for stakeholders, since all weaknesses can be links in a chain. |
| CWE-999 | DEPRECATED: Weaknesses without Software Fault Patterns | This view has been deprecated. It was based on gaps in another view (CWE-888) related to research that is no longer updated, but was complete with respect to CWE at the time it was conducted. |
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.