CWE-684β€”Incorrect Provision of Specified Functionality

PUBLISHEDweakness record
released 2008-04-11 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-684
Abstraction:
Class
Structure:
Simple
Status:
Draft
Release Date:
2008-04-11
Latest Modification Date:
2025-12-11

Weakness Name

Incorrect Provision of Specified Functionality

Description

The code does not function according to its published specifications, potentially leading to incorrect usage.

When providing functionality to an external party, it is important that the product behaves in accordance with the details specified. When requirements of nuances are not documented, the functionality may produce unintended behaviors for the caller, possibly leading to an exploitable state.

Common Consequences

Scope:
Other
Impact:
Quality Degradation

Related Weaknesses