CWE-1174 – ASP.NET Misconfiguration: Improper Model Validation | Common Weakness Enumeration (CWE)

Overview

CWE-1174 (ASP.NET Misconfiguration: Improper Model Validation) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact: Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

The ASP.NET application does not use, or incorrectly uses, the model validation framework.

Applicable platforms

Kind	Name	Class	Prevalence	OS / CPE
language	ASP.NET	—	Undetermined	—

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE	Published	Summary
CVE-2023-47310	2025-06-30	A misconfiguration in the default settings of MikroTik RouterOS 7 and fixed in v7.14 allows incoming IPv6 UDP traceroute packets.

Content submission

Name: CWE Content Team
Organization: MITRE
Date: 2018-12-21
Version: 3.2

Content modifications

Date	Name	Version	Importance	Comment
2020-02-24	CWE Content Team	4.0	—	updated Relationships
2021-10-28	CWE Content Team	4.6	—	updated Relationships
2023-04-27	CWE Content Team	4.11	—	updated Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-12-11	CWE Content Team	4.19	—	updated Relationships