Read Time:37 Second
Description
The UI performs the wrong action with respect to the user’s request.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Other: Quality Degradation, Varies by Context
Potential Mitigations
Phase: Testing
Description:
Perform extensive functionality testing of the UI. The UI should behave as specified.
CVE References
- CVE-2001-1387
- Network firewall accidentally implements one command line option as if it were another, possibly leading to behavioral infoleak.
- CVE-2001-0081
- Command line option correctly suppresses a user prompt but does not properly disable a feature, although when the product prompts the user, the feature is properly disabled.
- CVE-2002-1977
- Product does not “time out” according to user specification, leaving sensitive data available after it has expired.