CWE-447 - Unimplemented or Unsupported Feature in UI

Read Time:45 Second

Description

A UI function for a security feature appears to be supported and gives feedback to the user that suggests that it is supported, but the underlying functionality is not implemented.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-446
CWE-671

Consequences

Other: Varies by Context

Potential Mitigations

Phase: Testing

Description:

Perform functionality testing before deploying the application.

CVE References

CVE-2000-0127
- GUI configuration tool does not enable a security option when a checkbox is selected, although that option is honored when manually set in the configuration file.

CVE-2001-0863
- Router does not implement a specific keyword when it is used in an ACL, allowing filter bypass.

CVE-2001-0865
- Router does not implement a specific keyword when it is used in an ACL, allowing filter bypass.

CVE-2004-0979
- Web browser does not properly modify security setting when the user sets it.

Cyber Security News

CWE-447 – Unimplemented or Unsupported Feature in UI

Description

Related Weaknesses

Consequences

Potential Mitigations

CVE References

News, Advisories and much more