Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-710:Improper Adherence to Coding Standards
Weakness ID:710
Version:v4.17
Weakness Name:Improper Adherence to Coding Standards
Vulnerability Mapping:Discouraged
Abstraction:Pillar
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.

▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
MemberOfProhibitedV1000Research Concepts
ParentOfProhibitedB1066Missing Serialization Control Element
ParentOfProhibitedB1068Inconsistency Between Implementation and Documented Design
ParentOfProhibitedB1044Architecture with Number of Horizontal Layers Outside of Expected Range
ParentOfAllowed-with-ReviewC1120Excessive Code Complexity
ParentOfAllowedB1127Compilation with Insufficient Warnings or Errors
ParentOfProhibitedC1059Insufficient Technical Documentation
ParentOfAllowed-with-ReviewC1061Insufficient Encapsulation
ParentOfProhibitedC1076Insufficient Adherence to Expected Conventions
ParentOfProhibitedB1041Use of Redundant Code
ParentOfProhibitedB1065Runtime Resource Management Control Element in a Component Built to Run on Application Servers
ParentOfProhibitedB1048Invokable Control Element with Large Number of Outward Calls
ParentOfProhibitedB1092Use of Same Invokable Control Element in Multiple Architectural Layers
ParentOfAllowed-with-ReviewC1093Excessively Complex Data Representation
ParentOfProhibitedB1101Reliance on Runtime Component in Generated Code
ParentOfAllowedB1126Declaration of Variable with Unnecessarily Wide Scope
ParentOfAllowed-with-ReviewC1164Irrelevant Code
ParentOfAllowed-with-ReviewC1177Use of Prohibited Code
ParentOfAllowedB1209Failure to Disable Reserved Bits
ParentOfAllowed-with-ReviewC1357Reliance on Insufficiently Trustworthy Component
ParentOfAllowedB476NULL Pointer Dereference
ParentOfAllowedB477Use of Obsolete Function
ParentOfAllowedB484Omitted Break Statement in Switch
ParentOfAllowedB489Active Debug Code
ParentOfAllowedB570Expression is Always False
ParentOfAllowedB571Expression is Always True
ParentOfAllowed-with-ReviewC573Improper Following of Specification by Caller
ParentOfDiscouragedC657Violation of Secure Design Principles
ParentOfAllowed-with-ReviewC758Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
ParentOfAllowed-with-ReviewC684Incorrect Provision of Specified Functionality
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1000
Name: Research Concepts
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1066
Name: Missing Serialization Control Element
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1068
Name: Inconsistency Between Implementation and Documented Design
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1044
Name: Architecture with Number of Horizontal Layers Outside of Expected Range
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1120
Name: Excessive Code Complexity
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 1127
Name: Compilation with Insufficient Warnings or Errors
Nature: ParentOf
Mapping: Prohibited
Type: Class
ID: 1059
Name: Insufficient Technical Documentation
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1061
Name: Insufficient Encapsulation
Nature: ParentOf
Mapping: Prohibited
Type: Class
ID: 1076
Name: Insufficient Adherence to Expected Conventions
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1041
Name: Use of Redundant Code
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1065
Name: Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1048
Name: Invokable Control Element with Large Number of Outward Calls
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1092
Name: Use of Same Invokable Control Element in Multiple Architectural Layers
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1093
Name: Excessively Complex Data Representation
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1101
Name: Reliance on Runtime Component in Generated Code
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 1126
Name: Declaration of Variable with Unnecessarily Wide Scope
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1164
Name: Irrelevant Code
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1177
Name: Use of Prohibited Code
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 1209
Name: Failure to Disable Reserved Bits
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 1357
Name: Reliance on Insufficiently Trustworthy Component
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 476
Name: NULL Pointer Dereference
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 477
Name: Use of Obsolete Function
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 484
Name: Omitted Break Statement in Switch
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 489
Name: Active Debug Code
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 570
Name: Expression is Always False
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 571
Name: Expression is Always True
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 573
Name: Improper Following of Specification by Caller
Nature: ParentOf
Mapping: Discouraged
Type: Class
ID: 657
Name: Violation of Secure Design Principles
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 758
Name: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Nature: ParentOf
Mapping: Allowed-with-Review
Type: Class
ID: 684
Name: Incorrect Provision of Specified Functionality
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC978SFP Secondary Cluster: Implementation
MemberOfProhibitedC1370ICS Supply Chain: Common Mode Frailties
MemberOfProhibitedC1375ICS Engineering (Construction/Deployment): Gaps in Details/Data
MemberOfProhibitedC1383ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements
MemberOfProhibitedC1412Comprehensive Categorization: Poor Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 978
Name: SFP Secondary Cluster: Implementation
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1370
Name: ICS Supply Chain: Common Mode Frailties
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1375
Name: ICS Engineering (Construction/Deployment): Gaps in Details/Data
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1383
Name: ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1412
Name: Comprehensive Categorization: Poor Coding Practices
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-294Not Language-Specific Weaknesses
MemberOfProhibitedBSBOSS-307Not Technology-Specific (technology class) Weaknesses
MemberOfProhibitedBSBOSS-312Other (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-294
Name: Not Language-Specific Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-307
Name: Not Technology-Specific (technology class) Weaknesses
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-312
Name: Other (impact)
▼Relevant To View
Relevant to the view"SEI ETF Categories of Security Vulnerabilities in ICS - (1358)"
NatureMappingTypeIDName
MemberOfProhibitedC1370ICS Supply Chain: Common Mode Frailties
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1370
Name: ICS Supply Chain: Common Mode Frailties
Relevant to the view"SEI ETF Categories of Security Vulnerabilities in ICS - (1358)"
NatureMappingTypeIDName
MemberOfProhibitedC1375ICS Engineering (Construction/Deployment): Gaps in Details/Data
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1375
Name: ICS Engineering (Construction/Deployment): Gaps in Details/Data
Relevant to the view"SEI ETF Categories of Security Vulnerabilities in ICS - (1358)"
NatureMappingTypeIDName
MemberOfProhibitedC1383ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1383
Name: ICS Operations (& Maintenance): Compliance/Conformance with Regulatory Requirements
Relevant to the view"Software Fault Pattern (SFP) Clusters - (888)"
NatureMappingTypeIDName
MemberOfProhibitedC978SFP Secondary Cluster: Implementation
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 978
Name: SFP Secondary Cluster: Implementation
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
OtherN/AOther
N/A
Scope: Other
Likelihood: N/A
Impact: Other
Note:
N/A
▼Potential Mitigations
Phase:Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Document and closely follow coding standards.

Note:

Phase:Testing, Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Where possible, use automated tools to enforce the standards.

Note:

▼Modes Of Introduction
Phase: Architecture and Design
Note:

N/A

Phase: Implementation
Note:

N/A

▼Applicable Platforms
Languages
Class: Not Language-Specific(Undetermined Prevalence)
Technology
Class: Not Technology-Specific(Undetermined Prevalence)
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Discouraged
      Reason:Abstraction
      Rationale:

      This CWE entry is extremely high-level, a Pillar.

      Comments:

      Consider children or descendants of this entry instead.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      ▼Related Attack Patterns
      IDName
      ▼References
      Details not found