CWE-673: External Influence of Sphere Definition
ID
CWE-673
Abstraction
Class
Structure
Simple
Status
Draft
The product does not prevent the definition of control spheres from external actors.
Typically, a product defines its control sphere within the code itself, or through configuration by the product's administrator. In some cases, an external party can change the definition of the control sphere. This is typically a resultant weakness.
Modes of Introduction
Phase | Note |
---|---|
Architecture and Design | |
Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |
Loading...