CWE-653 – Improper Isolation or Compartmentalization
Description: The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions. When a weakness occurs...
CWE-654 – Reliance on a Single Factor in a Security Decision
Description: A protection mechanism relies exclusively, or to a large extent, on the evaluation of a single condition or the integrity of a single object...
CWE-655 – Insufficient Psychological Acceptability
Description: The software has a protection mechanism that is too difficult or inconvenient to use, encouraging non-malicious users to disable or bypass the mechanism, whether...
CWE-656 – Reliance on Security Through Obscurity
Description: The software uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient...
CWE-657 – Violation of Secure Design Principles
Description: The product violates well-established principles for secure design. This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during...
CWE-66 – Improper Handling of File Names that Identify Virtual Resources
Description: The product does not handle or incorrectly handles a file name that identifies a "virtual" resource that is not directly specified within the directory...
CWE-662 – Improper Synchronization
Description: The software utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at...
CWE-663 – Use of a Non-reentrant Function in a Concurrent Context
Description: The software calls a non-reentrant function in a concurrent context in which a competing code sequence (e.g. thread or signal handler) may have an...
CWE-664 – Improper Control of a Resource Through its Lifetime
Description: The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release. Modes of Introduction: -...
CWE-665 – Improper Initialization
Description: The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or...