CWE-371 8 個 CVE MITRE 定義 ↗

CWE-371:State Issues

概覽

CWE-371(State Issues)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

Weaknesses in this category are related to improper management of system state.

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2026-14685 2026-07-04 A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the compon…
CVE-2024-20455 2024-09-25 A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote at…
CVE-2020-3574 2020-11-06 A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected ca…
CVE-2020-3422 2020-09-24 A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing po…
CVE-2020-3385 2020-07-16 A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected s…
CVE-2020-3200 2020-06-03 A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerabi…
CVE-2019-1977 2019-08-30 A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cau…
CVE-2018-0282 2019-01-09 A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condi…

內容提交

名稱
CWE Community
日期
2006-07-19
版本
Draft 3
評論
Submitted by members of the CWE community to extend early CWE versions

內容修訂

日期 名稱 版本 重要性 評論
2008-09-08 CWE Content Team 1.0 updated Relationships
2010-12-13 CWE Content Team 1.11 updated Relationships
2015-12-07 CWE Content Team 2.9 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Related_Attack_Patterns, Relationships
2019-06-20 CWE Content Team 3.3 updated Relationships
2020-02-24 CWE Content Team 4.0 updated Relationships
2020-06-25 CWE Content Team 4.1 updated Relationships
2023-04-27 CWE Content Team 4.11 updated Mapping_Notes
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
cvelogic Threat Intelligence