English
Français
Light
Dark
System

CVEFind - Alertes CVE

Restez informé en continue
Créer un compte Ouvrez un compte Simple et Gratuit Se connecter Gérez vos alertes

CWE-344 Detail

CWE-344

Use of Invariant Value in Dynamically Changing Context
Draft
2006-07-19 00:00 +00:00
2024-02-29 00:00 +00:00
CWE Mitre.org

Alerte pour un CWE

Restez informé de toutes modifications pour un CWE spécifique.
Gestion des alertes

Use of Invariant Value in Dynamically Changing Context

The product uses a constant value, name, or reference, but this value can (or should) vary across different environments.

Informations

Modes Of Introduction

Architecture and Design
Implementation

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Common Consequences

Scope Impact Likelihood
OtherVaries by Context

Observed Examples

Reference Description
CVE-2002-0980Component for web browser writes an error message to a known location, which can then be referenced by attackers to process HTML/script in a less restrictive context

Vulnerability Mapping Notes

Rationale : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Notes

overlaps default configuration.

References

REF-267

SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
Information Technology Laboratory, National Institute of Standards and Technology.
https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf

Submission

Name Organization Date Date Release Version
PLOVER 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Modifications

Name Organization Date Comment
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Relationships, Other_Notes, Relationship_Notes, Relevant_Properties, Taxonomy_Mappings, Weakness_Ordinalities
CWE Content Team MITRE 2009-03-10 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2009-12-28 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2010-02-16 +00:00 updated Relationships
CWE Content Team MITRE 2010-06-21 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2010-12-13 +00:00 updated Relationships
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2011-06-27 +00:00 updated Common_Consequences
CWE Content Team MITRE 2011-09-13 +00:00 updated Potential_Mitigations, References
CWE Content Team MITRE 2012-05-11 +00:00 updated Relationships
CWE Content Team MITRE 2012-10-30 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2014-06-23 +00:00 updated Other_Notes
CWE Content Team MITRE 2017-11-08 +00:00 updated Applicable_Platforms, References, Relevant_Properties
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2023-04-27 +00:00 updated References, Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2024-02-29 +00:00 updated Demonstrative_Examples

Plus d'informations
Cliquez sur le bouton à gauche (OFF), pour autoriser l'inscription de cookie améliorant les fonctionnalités du site. Cliquez sur le bouton à gauche (Tout accepter), pour ne plus autoriser l'inscription de cookie améliorant les fonctionnalités du site.