The product does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.
Impact: Varies by Context, Unexpected State — Notes:
Potential Mitigations
None listed.
Applicable Platforms
None (Not Language-Specific, Undetermined)
Demonstrative Examples
N/A
Notes
Relationship: This conceptually overlaps other categories such as insufficient verification, but this entry refers to the product's incorrect perception of its own state.
Relationship: This is probably resultant from other weaknesses such as unhandled error conditions, inability to handle out-of-order steps, multiple interpretation errors, etc.
Maintenance: This entry is being considered for deprecation. It was poorly-defined in PLOVER and is not easily described using the behavior/resource/property model of vulnerability theory.