Call to Non-ubiquitous API

The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.

  • Source

    CWE Catalog - 4.12

  • Identifier

    CWE-589

  • Status

    Incomplete

Contents

Description

Some functions that offer security features supported by the OS are not available on all versions of the OS in common use. Likewise, functions are often deprecated or made obsolete for security reasons and should not be used.

See Also

Comprehensive Categorization: Poor Coding Practices

Weaknesses in this category are related to poor coding practices.

SEI CERT Oracle Secure Coding Standard for Java - Guidelines 06. Methods (MET)

Weaknesses in this category are related to the rules and recommendations in the Methods (MET) section of the SEI CERT Oracle Secure Coding Standard for Java.

SFP Secondary Cluster: Use of an Improper API

This category identifies Software Fault Patterns (SFPs) within the Use of an Improper API cluster (SFP3).

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Quality Weaknesses with Indirect Security Impacts

CWE identifiers in this view (slice) are quality issues that only indirectly make it easier to introduce a vulnerability and/or make the vulnerability more difficult t...

Weaknesses Introduced During Implementation

This view (slice) lists weaknesses that can be introduced during implementation.

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.