CWE-1267: Policy Uses Obsolete Encoding

The product uses an obsolete encoding mechanism to implement access controls.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

Within a System-On-a-Chip (SoC), various circuits and hardware engines generate transactions for the purpose of accessing (read/write) assets or performing various actions (e.g., reset, fetch, compute, etc.). Among various types of message information, a typical transaction is comprised of source identity (identifying the originator of the transaction) and a destination identity (routing the transaction to the respective entity). Sometimes the transactions are qualified with a Security Token. This Security Token helps the destination agent decide on the set of allowed actions (e.g., access to an asset for reads and writes). A policy encoder is used to map the bus transactions to Security Tokens that in turn are used as access-controls/protection mechanisms. A common weakness involves using an encoding which is no longer trusted, i.e., an obsolete encoding.

CWE-1267: Policy Uses Obsolete Encoding

Overview

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Attack patterns

Frequently asked questions

What is CWE-1267?

How do you prevent CWE-1267?

What are the consequences of CWE-1267?

References

Stay ahead of CWE-1267

Overview

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Related weaknesses

Parent

Attack patterns

Frequently asked questions

What is CWE-1267?

How do you prevent CWE-1267?

What are the consequences of CWE-1267?

References

Stay ahead of CWE-1267