CWE-673: External Influence of Sphere Definition
| Abstraction | Structure | Status |
|---|
| None | Simple | Draft |
Description
The product does not prevent the definition of control spheres from external actors.
Extended Description
Typically, a product defines its control sphere within the code itself, or through configuration by the product’s administrator. In some cases, an external party can change the definition of the control sphere. This is typically a resultant weakness.
| Nature | ID | View ID | Name |
|---|
| ChildOf | CWE-664 | 1000 | Improper Control of a Resource Through its Lifetime |
Modes of Introduction
| Phase | Note |
|---|
| Architecture and Design | - |
| Implementation | REALIZATION: This weakness is caused during implementation of an architectural security tactic. |
Common Consequences
| Scope | Impact | Note |
|---|
| Other | Other | |