Read Time:43 Second

Description

An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-284

 

Consequences

Integrity, Availability: DoS: Crash, Exit, or Restart, DoS: Instability, Quality Degradation, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Resource Consumption (Other), Reduce Performance, Reduce Reliability, Unexpected State

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Ensure the design does not allow error injection in modes intended for normal run-time operation. Provide access controls on interfaces for injecting errors.

Phase: Implementation

Description: 

Disallow error injection in modes which are expected to be used for normal run-time operation. Provide access controls on interfaces for injecting errors.

Phase: Integration

Description: 

Add an access control layer atop any unprotected interfaces for injecting errors.

CVE References