CWE-2 (7PK - Environment) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that are typically introduced during unexpected environmental conditions. According to the authors of the Seven Pernicious Kingdoms, "This section includes everything that is outside of the source code but is still critical to the security of the product that is being created. Because the issues covered by this kingdom are not directly related to source code, we separated it from the rest of the kingdoms."
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships |
| 2013-07-17 | CWE Content Team | 2.5 | — | updated Relationships |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Maintenance_Notes, Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Description, Maintenance_Notes, Name |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated References |
| 2021-10-28 | CWE Content Team | 4.6 | — | updated Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |