Unimplemented or Unsupported Feature in UI
Weakness ID: 447 (Weakness Base)Status: Draft
+ Description

Description Summary

A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not implemented.
+ Time of Introduction
  • Architecture and Design
  • Implementation
  • Operation
+ Applicable Platforms

Languages

All

+ Observed Examples
ReferenceDescription
CVE-2000-0127GUI configuration tool does not enable a security option when a checkbox is selected, although that option is honored when manually set in the configuration file.
CVE-2001-0863Router does not implement a specific keyword when it is used in an ACL, allowing filter bypass.
CVE-2001-0865Router does not implement a specific keyword when it is used in an ACL, allowing filter bypass.
CVE-2004-0979Web browser does not properly modify security setting when the user sets it.
+ Potential Mitigations

Perform functionality testing before deploying the application.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness BaseWeakness Base446UI Discrepancy for Security Feature
Development Concepts (primary)699
Research Concepts1000
ChildOfWeakness ClassWeakness Class671Lack of Administrator Control over Security
Research Concepts (primary)1000
+ Research Gaps

This issue needs more study, as there are not many examples. It is not clear whether it is primary or resultant.

+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERUnimplemented or unsupported feature in UI
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential Mitigations, Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other Notes, Taxonomy Mappings
2009-12-28CWE Content TeamMITREInternal
updated Other Notes, Potential Mitigations, Research Gaps