CWE-695: Use of Low-Level Functionality

ID CWE-695

Abstraction Base

Structure Simple

Status Incomplete

The product uses low-level functionality that is explicitly prohibited by the framework or specification under which the product is supposed to operate.

The use of low-level functionality can violate the specification in unexpected ways that effectively disable built-in protection mechanisms, introduce exploitable inconsistencies, or otherwise expose the functionality to attack.

Modes of Introduction

Phase	Note
Implementation

Relationships

View			Weakness
# ID	View	Status	# ID	Name	Abstraction	Structure	Status
CWE-1000	Research Concepts	Draft	CWE-573	Improper Following of Specification by Caller	Class	Simple	Draft

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org

# ID	Name	Weaknesses
CAPEC-36	Using Unpublished Interfaces or Functionality	CWE-695