Read Time:26 Second

Description

The product provides an application for administrators to manage parts of the underlying operating system, but the application does not accurately identify all of the relevant entities or resources that exist in the OS; that is, the application’s model of the OS’s state is inconsistent with the OS’s actual state.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-1250

 

Consequences

Access Control: Varies by Context

Accountability: Hide Activities

Other: Unexpected State

 

Potential Mitigations

Phase: Architecture and Design

Description: 

CVE References