CWE-695: Use of Low-Level Functionality
ID
CWE-695
Abstraction
Base
Structure
Simple
Status
Incomplete
The product uses low-level functionality that is explicitly prohibited by the framework or specification under which the product is supposed to operate.
The use of low-level functionality can violate the specification in unexpected ways that effectively disable built-in protection mechanisms, introduce exploitable inconsistencies, or otherwise expose the functionality to attack.
Modes of Introduction
Phase | Note |
---|---|
Implementation |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.org
Loading...