CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.
常见后果
影响范围: Integrity Availability
技术影响: DoS: Crash, Exit, or Restart DoS: Instability Quality Degradation DoS: Resource Consumption (CPU) DoS: Resource Consumption (Memory) DoS: Resource Consumption (Other) Reduce Performance Reduce Reliability Unexpected State
潜在缓解措施
阶段: Architecture and Design
描述: Ensure the design does not allow error injection in modes intended for normal run-time operation. Provide access controls on interfaces for injecting errors.
阶段: Implementation
描述: Disallow error injection in modes which are expected to be used for normal run-time operation. Provide access controls on interfaces for injecting errors.
阶段: Integration
描述: Add an access control layer atop any unprotected interfaces for injecting errors.
引入模式
| 阶段 | 说明 |
|---|---|
| Architecture and Design | Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases. |
| Implementation | Such issues could be introduced during implementation and identified later during Testing or System Configuration phases. |
| Integration | Such issues could be introduced during integration and identified later during Testing or System Configuration phases. |