Inadvertently Introduced Weakness
Description The software contains a weakness that was inadvertently introduced by the developer. Extended DescriptionInadvertent flaws may occur in requirements; they may also find their way into software during specification and coding. Although many of these are detected and removed through testing, some flaws can remain undetected and later cause problems during operation and maintenance of the software system. For a software system composed of many modules and involving many programmers, flaws are often difficult to find and correct because module interfaces are inadequately documented and global variables are used. The lack of documentation is especially troublesome during maintenance when attempts to fix existing flaws often generate new flaws because maintainers lack understanding of the system as a whole. Although inadvertent flaws do not usually pose an immediate threat to the security of the system, the weakness resulting from a flaw may be exploited by an intruder (see case D1). Applicable PlatformsNone Time Of Introduction
Common ConsequencesNone Detection MethodsNone Potential MitigationsNone Relationships
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy Mappings
References:None |