CWE-1104: Use of Unmaintained Third Party Components

ID CWE-1104

Abstraction Base

Structure Simple

Status Incomplete

Number of CVEs 4

The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.

Reliance on components that are no longer maintained can make it difficult or impossible to fix significant bugs, vulnerabilities, or quality issues. In effect, unmaintained code can become obsolete.

This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

Applicable Platforms

Type	Class	Name	Prevalence
Technology	Not Technology-Specific
Technology	ICS/OT

Relationships

View			Weakness
# ID	View	Status	# ID	Name	Abstraction	Structure	Status
CWE-1000	Research Concepts	Draft	CWE-1357	Reliance on Insufficiently Trustworthy Component	Class	Simple	Incomplete

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date