Description
The product violates well-established principles for secure design.
This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during implementation. Because code is centered around design, it can be resource-intensive to fix design problems.
Potential Impact
Other
Real-World CVE Examples
| CVE ID | Description |
|---|---|
| CVE-2019-6260 | Baseboard Management Controller (BMC) device implements Advanced High-performance Bus (AHB) bridges that do not require authentication for arbitrary read and write access to the BMC's physical address |
| CVE-2007-5277 | The failure of connection attempts in a web browser resets DNS pin restrictions. An attacker can then bypass the same origin policy by rebinding a domain name to a different IP address. This was an at |
| CVE-2006-7142 | Hard-coded cryptographic key stored in executable program. |
| CVE-2007-0408 | Server does not properly validate client certificates when reusing cached connections. |
Related Weaknesses
Taxonomy Mappings
- ISA/IEC 62443: Part 4-1 — Req SD-3
- ISA/IEC 62443: Part 4-1 — Req SD-4
- ISA/IEC 62443: Part 4-1 — Req SI-1
Frequently Asked Questions
What is CWE-657?
CWE-657 (Violation of Secure Design Principles) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Class-level weakness. The product violates well-established principles for secure design.
How can CWE-657 be exploited?
The impact of exploiting CWE-657 (Violation of Secure Design Principles) is categorized as "Other": it depends on which design principle is violated and which resultant weaknesses follow from it. This weakness is typically introduced during the Architecture and Design phase of software development.
How do I prevent CWE-657?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-657?
CWE-657 is classified as a Class-level weakness (High abstraction). It has been observed in 4 real-world CVEs.