VYPR

CWE-437

Incomplete Model of Endpoint Features

BaseIncomplete

Description

A product acts as an intermediary or monitor between two or more endpoints, but it does not have a complete model of an endpoint's features, behaviors, or state, potentially causing the product to perform incorrect actions based on this incomplete model.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2)

  • CVE-2016-8365MedApr 3, 2018
    risk 0.36cvss 5.5epss 0.00

    OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and…

  • CVE-2022-29254Jun 6, 2022
    risk 0.00cvss epss 0.01

    silverstripe-omnipay is a SilverStripe integration with Omnipay PHP payments library. For a subset of Omnipay gateways (those that use intermediary states like `isNotification()` or `isRedirect()`), if the payment identifier or success URL is exposed it is possible for payments…