CWE-696 Detail

CWE-696

Incorrect Behavior Order
Incomplete
2008-09-09
00h00 +00:00
2024-02-29
00h00 +00:00
CWE Mitre.org
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Notifications manage

Name: Incorrect Behavior Order

The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.

General Informations

Modes Of Introduction

Architecture and Design
Implementation

Common Consequences

Scope Impact Likelihood
IntegrityAlter Execution Logic

Observed Examples

References Description

CVE-2019-9805

Chain: Creation of the packet client occurs before initialization is complete (CWE-696) resulting in a read from uninitialized memory (CWE-908), causing memory corruption.

CVE-2007-5191

file-system management programs call the setuid and setgid functions in the wrong order and do not check the return values, allowing attackers to gain unintended privileges

CVE-2007-1588

C++ web server program calls Process::setuid before calling Process::setgid, preventing it from dropping privileges, potentially allowing CGI programs to be called with higher privileges than intended

CVE-2022-37734

Chain: lexer in Java-based GraphQL server does not enforce maximum of tokens early enough (CWE-696), allowing excessive CPU consumption (CWE-1176)

Vulnerability Mapping Notes

Justification : This CWE entry is a Class and might have Base-level children that would be more appropriate
Comment : Examine children of this entry to see if there is a better fit

Related Attack Patterns

CAPEC-ID Attack Pattern Name
CAPEC-463 Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.

Submission

Name Organization Date Date release Version
CWE Content Team MITRE 2008-09-09 +00:00 2008-09-09 +00:00 1.0

Modifications

Name Organization Date Comment
CWE Content Team MITRE 2008-11-24 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2009-05-27 +00:00 updated Description
CWE Content Team MITRE 2011-03-29 +00:00 updated Relationships
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2011-06-27 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated Related_Attack_Patterns, Relationships, Weakness_Ordinalities
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships
CWE Content Team MITRE 2017-05-03 +00:00 updated Observed_Examples
CWE Content Team MITRE 2017-11-08 +00:00 updated Taxonomy_Mappings
CWE Content Team MITRE 2019-01-03 +00:00 updated Relationships
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2020-06-25 +00:00 updated Description, Observed_Examples, Relationships
CWE Content Team MITRE 2021-03-15 +00:00 updated Observed_Examples
CWE Content Team MITRE 2023-04-27 +00:00 updated Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2023-10-26 +00:00 updated Demonstrative_Examples, Observed_Examples
CWE Content Team MITRE 2024-02-29 +00:00 updated Demonstrative_Examples