SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CWE

Violation of Secure Design Principles

ID: 657		Date: (C)2012-05-14 (M)2022-10-10
Type: weakness		Status: DRAFT
Abstraction Type: Class

Description

The product violates well-established principles for secure design.

Extended Description

This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during implementation. Because code is centered around design, it can be resource-intensive to fix design problems.

Applicable Platforms
None

Time Of Introduction

Architecture and Design
Implementation
Operation

Common Consequences

Scope	Technical Impact	Notes
Other	Other

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWE	Type	View	Chain
CWE-657 ChildOf CWE-907	Category	CWE-888

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings
None

References:

Jerome H. Saltzer Michael D. Schroeder .The Protection of Information in Computer Systems. Proceedings of the IEEE 63. Published on September, 1975.
Sean Barnum Michael Gegick .Design Principles. Published on 2005-09-19.


30479



423868



248149



909



194803



282