CWE-657

Violation of Secure Design Principles

Class

What it is

The product violates well-established principles for secure design.

This can introduce resultant weaknesses or make it easier for developers to introduce related weaknesses during implementation. Because code is centered around design, it can be resource-intensive to fix design problems.

Impact

Other: Other

Real-world CVE examples

  • CVE-2019-6260 — Baseboard Management Controller (BMC) device implements Advanced High-performance Bus (AHB) bridges that do not require authentication for arbitrary read and wr
  • CVE-2007-5277 — The failure of connection attempts in a web browser resets DNS pin restrictions. An attacker can then bypass the same origin policy by rebinding a domain name t
  • CVE-2006-7142 — Hard-coded cryptographic key stored in executable program.
  • CVE-2007-0408 — Server does not properly validate client certificates when reusing cached connections.


Source: MITRE CWE. View on cwe.mitre.org →
