CWE-1302 – Missing Security Identifier
Description The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction...
CWE-1303 – Non-Transparent Sharing of Microarchitectural Resources
Description Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts. Modes of Introduction: - Architecture...
CWE-1269 – Product Released in Non-Release Configuration
Description The product released to market is released in pre-production or manufacturing configuration. Modes of Introduction: - Implementation Related Weaknesses CWE-693 Consequences...
CWE-127 – Buffer Under-read
Description The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer....
CWE-1270 – Generation of Incorrect Security Tokens
Description The product implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the...
CWE-1271 – Uninitialized Value on Reset for Registers Holding Security Settings
Description Security-critical logic is not set to a known value on reset. Modes of Introduction: - Implementation Related Weaknesses CWE-665 Consequences Access...
CWE-1272 – Sensitive Information Uncleared Before Debug/Power State Transition
Description The product performs a power or debug state transition, but it does not clear sensitive information that should no longer be accessible due to...
CWE-1273 – Device Unlock Credential Sharing
Description The credentials necessary for unlocking a device are shared across multiple parties and may expose sensitive information. Modes of Introduction: - Integration ...
CWE-1274 – Improper Access Control for Volatile Memory Containing Boot Code
Description The product conducts a secure-boot process that transfers bootloader code from Non-Volatile Memory (NVM) into Volatile Memory (VM), but it does not have sufficient...
CWE-1275 – Sensitive Cookie with Improper SameSite Attribute
Description The SameSite attribute for sensitive cookies is not set, or an insecure value is used. The SameSite attribute controls how cookies are sent for...