CWE

Inadvertently Introduced Weakness

ID: 518		Date: (C)2012-05-14   (M)2022-10-10
Type: category		Status: INCOMPLETE

Description

The software contains a weakness that was inadvertently introduced by the developer.

Extended Description

Inadvertent flaws may occur in requirements; they may also find their way into software during specification and coding. Although many of these are detected and removed through testing, some flaws can remain undetected and later cause problems during operation and maintenance of the software system. For a software system composed of many modules and involving many programmers, flaws are often difficult to find and correct because module interfaces are inadequately documented and global variables are used. The lack of documentation is especially troublesome during maintenance when attempts to fix existing flaws often generate new flaws because maintainers lack understanding of the system as a whole. Although inadvertent flaws do not usually pose an immediate threat to the security of the system, the weakness resulting from a flaw may be exploited by an intruder (see case D1).

Applicable Platforms
None

Time Of Introduction

• Operation
• Architecture and Design
• Implementation

Common Consequences
None

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWE	Type	View	Chain
CWE-518 ChildOf CWE-504	Category	CWE-699

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

Taxynomy	Id	Name	Fit
Landwehr		Inadvertent

References:
None