CWE CATEGORY: Comprehensive Categorization: Violation of Secure Design Principles
Category ID: 1418
Vulnerability Mapping: Prohibited
Status: Incomplete
▼Summary

Weaknesses in this category are related to violation of secure design principles.

▼Membership
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | View | 1400 | Comprehensive Categorization for Software Assurance Trends |
| HasMember | Allowed | Base | 1189 | Improper Isolation of Shared Resources on System-on-a-Chip (SoC) |
| HasMember | Allowed | Base | 1192 | Improper Identifier for IP Block used in System-On-Chip (SOC) |
| HasMember | Allowed | Base | 1303 | Non-Transparent Sharing of Microarchitectural Resources |
| HasMember | Allowed | Base | 1331 | Improper Isolation of Shared Resources in Network On Chip (NoC) |
| HasMember | Allowed-with-Review | Class | 1395 | Dependency on Vulnerable Third-Party Component |
| HasMember | Allowed | Base | 250 | Execution with Unnecessary Privileges |
| HasMember | Allowed-with-Review | Class | 424 | Improper Protection of Alternate Path |
| HasMember | Allowed | Base | 447 | Unimplemented or Unsupported Feature in UI |
| HasMember | Allowed | Class | 653 | Improper Isolation or Compartmentalization |
| HasMember | Allowed-with-Review | Class | 636 | Not Failing Securely ('Failing Open') |
| HasMember | Allowed-with-Review | Class | 637 | Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism') |
| HasMember | Allowed-with-Review | Class | 638 | Not Using Complete Mediation |
| HasMember | Allowed | Base | 654 | Reliance on a Single Factor in a Security Decision |
| HasMember | Allowed-with-Review | Class | 655 | Insufficient Psychological Acceptability |
| HasMember | Allowed-with-Review | Class | 656 | Reliance on Security Through Obscurity |
| HasMember | Discouraged | Class | 657 | Violation of Secure Design Principles |
| HasMember | Allowed-with-Review | Class | 671 | Lack of Administrator Control over Security |
▼Vulnerability Mapping Notes
Usage: Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].

Comments:

See member weaknesses of this category.

▼References
Reference ID: REF-1330
Title: CVE --> CWE Mapping Guidance - Quick Tips
Version: v4.15
Author: MITRE
URL: https://cwe.mitre.org/documents/cwe_usage/quick_tips.html
Date: 2021-03-25