Category: SFP Secondary Cluster: Protocol Error
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Protocol Error cluster.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-353 | Missing Support for Integrity Check | The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum. |
| CWE-435 | Improper Interaction Between Multiple Correctly-Behaving Entities | An interaction error occurs when two entities have correct behavior when running independently of each other, but when they are integrated as components in a larger system or process, they introduce incorrect behaviors that may cause resultant weaknesses. |
| CWE-436 | Interpretation Conflict | Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state. |
| CWE-437 | Incomplete Model of Endpoint Features | A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint's features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model. |
| CWE-757 | Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') | A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.