Read Time:32 Second
Description
The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction is sent without a security identifier.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory, DoS: Crash, Exit, or Restart, Bypass Protection Mechanism, Execute Unauthorized Code or Commands
Potential Mitigations
Phase: Architecture and Design
Description:
Transaction details must be reviewed for design inconsistency and common weaknesses.
Phase: Implementation
Description:
Security identifier definition and programming flow must be tested in pre-silicon and post-silicon testing.