Failure to Follow Specification
Weakness ID: 573 (Weakness Class) | Status: Draft
Description Summary
The software fails to follow the specifications for the implementation language, environment, framework, protocol, or platform.
Extended Description
When leveraging external functionality, such as an API, the caller must do so in accordance with the requirements of that functionality. Otherwise, unintended behaviors may result, possibly leaving the system vulnerable to any number of exploits.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Class | 227 | Failure to Fulfill API Contract ('API Abuse') | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 103 | Struts: Incomplete validate() Method Definition | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 104 | Struts: Form Bean Does Not Extend Validation Class | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 243 | Failure to Change Working Directory in chroot Jail | Research Concepts 1000 |
ParentOf | Weakness Base | 253 | Incorrect Check of Function Return Value | Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 296 | Improper Following of Chain of Trust for Certificate Validation | Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 304 | Missing Critical Step in Authentication | Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 325 | Missing Required Cryptographic Step | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 329 | Not Using a Random IV with CBC Mode | Research Concepts 1000 |
ParentOf | Weakness Base | 358 | Improperly Implemented Security Check for Standard | Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 475 | Undefined Behavior for Input to API | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 568 | finalize() Method Without super.finalize() | Research Concepts 1000 |
ParentOf | Weakness Variant | 577 | EJB Bad Practices: Use of Sockets | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 578 | EJB Bad Practices: Use of Class Loader | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 579 | J2EE Bad Practices: Non-serializable Object Stored in Session | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 580 | clone() Method Without super.clone() | Development Concepts 699; Research Concepts 1000 |
ParentOf | Weakness Base | 581 | Object Model Violation: Just One of Equals and Hashcode Defined | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 628 | Function Call with Incorrectly Specified Arguments | Research Concepts (primary) 1000 |
ParentOf | Weakness Class | 675 | Duplicate Operations on Resource | Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 694 | Use of Multiple Resources with Duplicate Identifier | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 695 | Use of Low-Level Functionality | Development Concepts (primary) 699; Research Concepts (primary) 1000 |