1. Home
  2. Weaknesses
  3. CWE-691

CWE-691: Insufficient Control Flow Management

ID CWE-691
Abstraction Pillar
Structure Simple
Status Draft
Number of CVEs 18
Detail CAPEC Dashboard Vulnerabilities Web & Social
The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.

Modes of Introduction

Phase Note
Architecture and Design
Implementation

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific
Technology Not Technology-Specific

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions CWE-691

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date